Written by Joe Chen, VP of Engineering, Broadcom
Five years ago, Symantec, now an enterprise division of Broadcom, proudly became a founding member of the Cyber Threat Alliance as a not-for-profit organization. CTA was founded with the mission to share threat information and better protect the mutual customers of our members. It is important to view CTA objectively, even as a founding member, so each year, we evaluate our CTA membership. We ask ourselves: Are our customers receiving faster protections? Are we as CTA deploying protections to all control points for our shared customers?
What was a vision is now a reality. In the nearly two years since the pandemic began, we were happy to see CTA gained ten members. CTA members are international and represent different industries. Each member brings a unique perspective and context to their threat intelligence. As CTA members, we get access to over 1 million indicators of compromise with context per week through the Magellan platform. What each member does with the intelligence is up to them. This is a sticking point for CTA; a benefit not easily replicated on the outside.
Along with the automated sharing platform, we value the vast human-speed sharing that takes place. CTA’s unique early sharing program enables members early access to research from other members. This allows members to check and add protections before the rest of the industry even sees the research. When customers ask us about newly published research, we can truthfully tell them we have already seen it and have protections. At Symantec we make a goal to share all of our research with CTA before publication.
Regular sharing and collaboration builds trust. In July 2021, a ransomware campaign targeting Kaseya’s VSA product was discovered. Threat researchers and analysts from CTA members sprung into action, joining calls to share ideas, and exchanging research and threat indicators. You would have never known this was a group of direct competitors working together.
Over the past five years, we continue to see that the sharing that happens in CTA benefits us, our fellow members, but most importantly, it benefits our shared customers against cyber actors. Our customers expect us to work together so their systems run seamlessly. At Symantec, we are proud to share our research and intelligence with CTA for the greater good, and we are happy with the intelligence we receive in return. In the next five years, my hope is that CTA continues to grow and other members of the cybersecurity industry join us in realizing these benefits. Happy anniversary, CTA!