Open source information sharing for critical infrastructure early warning

Collaborative information sharing developed by ETHOS to help entire Operational Technology (OT) community rapidly identify, assess and respond to potential and emerging threats.

  • 1 year ago Posted in

A group of OT cybersecurity leaders and critical infrastructure defenders introduce their plans for ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic technology platform for sharing anonymous early warning threat information across industries with peers and governments.

 

Founding ETHOS community members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security.

 

ETHOS will give critical industries a vendor-neutral option for information sharing to combat the growing number of cyber threats. An always-on, open-source solution that functions like a hotline to correlate information from many security vendors to identify anomalous behaviors will strengthen cybersecurity defenses across industries and ensure more effective government communication and support.

 

ETHOS is under initial cooperative development with the goal of sharing data to investigate early threat indicators and discovering new and novel attacks. As an open-source initiative, any individual, organization or security vendor may contribute to ETHOS, its direction and many future developments. General membership applications will be available in June 2023.

 

“The scale of threats facing critical infrastructure operators, and in particular Operational Technology networks, requires an approach to information sharing grounded in collaboration and interoperability,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “CISA is eager to continue support for community-driven efforts to reduce silos that impede timely and effective information sharing. We look forward to collaborating with such communities, including the ETHOS community, to improve early warning and response to potential cyber threats, while appropriately protecting sensitive information about our nation’s critical infrastructure community.”

 

ETHOS will collectively uncover and share emerging threats for which there is no threat intelligence or no known attack pattern available, across private and public sector stakeholders. ETHOS brings a vendor-neutral option to improve public/private sector cooperation for effective real-time information sharing across sectors and with governments. The success of ETHOS will mean fewer asset owners become victims of preventable cyber-attacks.

Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
Falcon platform will deliver complete protection against identity-based attacks across hybrid cloud...
95% of UK businesses said they were negatively impacted by supply chain cyber breaches within the...
Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...