Threat Intelligence: It Isn’t a Competition

Yesterday, I stepped on a stage in San Francisco with CEOs and leaders from five other cybersecurity companies – Check Point, Cisco, Fortinet, Intel Security and Symantec – to announce the revamped, bigger and now-independent Cyber Threat Alliance.

Normally, we are competitors. However, the Cyber Threat Alliance brings us all together in good faith to share threat information for the purpose of improving defenses against advanced cyber adversaries across member organizations and our respective customers.

Our company mission is to maintain trust in today’s digital world, and the collective intelligence from the Cyber Threat Alliance ecosystem – the output of which will be delivered through our Next-Generation Security Platform – furthers our ability to enable our customers to successfully prevent cyber breaches. We six founding members now also agree that this expanded and independent Cyber Threat Alliance is key to advancing that mission.

To make the Cyber Threat Alliance a more effective and powerful force, we announced the:

  • Establishment of the Cyber Threat Alliance as its own, truly independent organization with a president, board of directors, and governance structure.
  • Appointment of Michael Daniel as the first president of the Cyber Threat Alliance. Michael was formerly special assistant to the president and cybersecurity coordinator for the White House and brings unique and valuable expertise to this position.
  • Addition of Check Point and Cisco to this powerful group of founding members, and additional affiliate and contributing members (e.g., InSights, RSA and Rapid7).
  • Unveiling of the Cyber Threat Alliance Platform for Threat Intelligence Sharing, which is now fully operational and actively sharing tens of thousands of samples and pieces of active threat intelligence each week.

Ultimately, the vision of the Cyber Threat Alliance and its members is threefold:

  1. To share threat information in order to improve defenses against advanced cyber adversaries across member organizations and their customers.
  2. To advance the cybersecurity of critical information technology infrastructures.
  3. To increase the security, availability, integrity and efficiency of information systems.

With yesterday’s announcement, we made a bold step forward on our first vision item. As a founding Cyber Threat Alliance member and consistent driver of automated threat intelligence sharing, Palo Alto Networks is pleased with the continued forward momentum toward collectively improving the industry’s defenses against advanced cyber adversaries.

Next comes our work on the second and third vision items while we continue to improve the Cyber Threat Alliance Platform and add new members. We believe that by expanding the Cyber Threat Alliance, we are stronger together and can overcome some of the inherent challenges in isolated approaches to cybersecurity.

For us here at Palo Alto Networks, the Cyber Threat Alliance is another way that we show our longstanding and fundamental commitment to the importance of threat information sharing. We have said for years that the industry and the public sector must operationalize threat information sharing; that’s the best way to shift the balance of power against cyber adversaries. The Cyber Threat Alliance and its new operational platform is a realization of that belief. As a founding member, we have been involved in the Cyber Threat Alliance since it started in 2014, and yesterday’s announcements are a realization of the goals and vision we had when this all began.

We are committed to strong, continued support and participation in the Cyber Threat Alliance. I look forward to updating you in the future on the Cyber Threat Alliance’s progress in our shared vision.