Getting to Know CTA: Part 1 — A Community of Practice

The Cyber Threat Alliance (CTA) recently published our Solutions Fact Sheet, which details for prospective members and other interested parties the many ways in which CTA membership generates mutual value. In this series of blog posts, we will explore in greater depth these various use cases and the common themes that tie them together.

 

WHAT IS A COMMUNITY OF PRACTICE?

Communities of practice are groups bound together by shared expertise and passion for what they do. These groups of practitioners work collaboratively to create and share knowledge and advance the state of their field.

One of the core motivations behind the creation of CTA was a desire to establish a nexus around which the emerging community of threat intelligence practitioners could similarly grow while developing new approaches, tools, and techniques for securing our digital ecosystem.

 

BUILDING CONNECTIONS WITH INDUSTRY PEERS

As an organization whose membership is composed of private-sector organizations from across the cybersecurity industry, we are well-placed to facilitate the development and strengthening of professional and institutional relationships among our members and their threat intelligence teams.

Through regular engagement in CTA committees and working groups, practitioners can engage directly with one another, sharing ideas and gaining deeper insights into their own work and that of their peers. The trust that is built upon within our network through this regularized collaboration allows CTA to function as an industry-wide rolodex of experts for those moments when members need more information about a threat, adversary, or pattern of activity.

 

REGULAR FEEDBACK ON DATA SHARING

This same collaborative dynamic is also essential for creating a feedback loop of data quality improvement, which in-turn enhances the overall value of intelligence sharing through CTA. By working with CTA staff and peers, threat intelligence teams responsible for making submissions to our threat intelligence sharing platform can improve their own internal vetting and review processes. They also work to improve the technical infrastructure of CTA’s sharing platform.

Over time, our members not only advance more widespread adoption of existing best practices in this domain, but also generate momentum to push those standards forward in support of our common goal: sharing actionable threat intelligence to better secure our digital ecosystem.

 

A COLLECTIVE VOICE FOR INDUSTRY POLICY AND POSITIONS

CTA members come from across the world but share a variety of common interests. This includes ensuring that threat intelligence sharing is permissible (or even encouraged) under regulations of different jurisdictions. Our members are able to inform a collective voice through CTA, which carries further when we speak up together. CTA leverages our position as a vendor-neutral body to comment on relevant policy issues and provide global leadership on information sharing.

We achieve this through several channels. We engage in advocacy at events, including CyberNext DC, the World Economic Forum, and policy-focused webinars. We contribute occasional feedback on policy reports and proposals, for example the 2018 NTIA report on “Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and other Automated, Distributed Threats.” And we conduct analysis on how public policy choices impact the cybersecurity of major events, such as the Tokyo Olympic Games.

 

TYING IT ALL TOGETHER

We are able to effect meaningful change to improve global cybersecurity by working together around a common set of goals. Our collective voice carries weight to shape policy that, in turn, impacts how effectively the industry can secure its customers. Our commitment to maximizing the quality of our shared data and sustained iteration of our sharing platform means that the value of CTA membership grows over time. Our regular engagement of members in the operations, development, and governance of CTA helps to ensure a trusted environment in which collaboration can thrive.

By bringing our members and their researchers together, we become more than the sum of our individual strengths. CTA is a community of dedicated and skilled practitioners open to all those who share in our common values and mission.

 

CTA

Author: Josh Kenway

Josh Kenway is a Cybersecurity Associate at CTA working on media, research, and analysis, and a Research Fellow at the Algorithmic Justice League. Previously a CTA intern, he holds a master’s degree in International Policy from Stanford University, where he focused on cybersecurity and digital policy issues. He earned his undergraduate degree in economics and political science from the University of Georgia and hails from London, England.