The Canadian Shared Security Operations Centre (CanSSOC) is part of a new cyber security threat intelligence sharing partnership launched to help education organizations across the globe prevent and mitigate cyber attacks.
The new crossborder partnership will see CanSSOC collaborate with Jisc in the U.K., AARNet in Australia and REN-ISAC and OmniSOC in the U.S., all of which co-ordinate collective approaches similar to CanSSOC in their respective countries.
Below are links to other stories about this exciting announcement.
A new global cybersecurity initiative will allow higher education institutions to share real-time data to mitigate growing incidents of cyber threats.
The Canadian Shared Security Operations Centre (CanSSOC) announced on March 25 that they will be partnering with cybersecurity agencies in the U.S., U.K. and Australia, to address the vulnerability of higher education institutions to cyberattacks and share data on cybersecurity.
“What we are going to do is share specific threats that we are seeing, as real-time as possible, across the research and education sectors in our respective countries,” says Isaac Straley, chief information security officer at both CanSSOC and the University of Toronto. “We’re talking about… active information related to attacks, such as IP address information, files, or other indicators that would allow an institution to better detect that they have or have had an incident happen.”
From ransomware to espionage, educational institutions face a growing number of cybersecurity threats – which is why the University of Toronto is working with schools in Canada and abroad to thwart attacks by sharing data in real-time.
For nearly a year, the Canadian Shared Security Operations Centre (CanSSOC), for which U of T serves as administrative lead, has been piloting a threat feed that sends members immediate information on suspicious activity and potential breaches, all while protecting the anonymity of affected institutions. Now, CanSSOC will be partnering with organizations in the United States, Australia and the United Kingdom to extend this intelligence-sharing well beyond Canadian borders.
“This is unprecedented,” says Isaac Straley, who is the chief information security officer for both CanSSOC and U of T. “With this partnership, we’re really building relationships and working together to tackle this international problem.”
In response to the rise in cyber crime against the sector, particularly ransomware attacks, a global threat intelligence sharing partnership has been set up by five tertiary education and research sector security and technology bodies in the UK, US, Canada and Australia.
The partnership uses MISP, the open-source threat intelligence platform used world-wide by more than 6,000 organisations. Using the MISP’s automated warning system, the partner organisations can inform each other of attacks in real time, increasing the likelihood that they can either put in effective preventative measures, or reduce the impact of attacks.
“Jisc already works closely with other UK security agencies and its members to gather and share intelligence, which is crucial to maintaining robust cyber defences,” says Jisc’s executive director of e-infrastructure, Steve Kennett. “I’m delighted that we can now help extend that benefit internationally.”
A new cyber security threat intelligence sharing system has been launched to help research and education organisations across the globe prevent and mitigate cyber attacks. AARNet, Australia’s Academic and Research Network has joined forces with tertiary education and research sector security and technology bodies in Canada, the UK and US to form a global threat intelligence sharing partnership.
AARNet Chief Information Security Officer Charles Sterner says AARNet is strongly committed to efforts focused on securing Australia’s research and education sector.
“AARNet has been an active driver of security uplift initiatives for the research and education sector in recent years, spearheaded by the development of our security operations centre for Australian universities,” he said. “We see AARNet playing a key role in creating opportunities for people and groups with common challenges, both in Australia and globally, to achieve far better outcomes by collaborating than they would alone. This threat sharing agreement goes to the core of that vision and creates a base for building much larger collaborations focused on securing the sector.”
If you have questions about this threat intelligence sharing partnership or CanSSOC’s Threat Feed service, contact us.