Cyber Threat Alliance (CTA) is a not-for-profit organization working to improve the cybersecurity of our global digital ecosystem by enabling near real-time, high-quality cyber threat information sharing and operational coordination among companies and organizations in the cybersecurity field. This novel approach brings together companies that compete with one another and enables them to work together for the greater good.
Today’s rapidly evolving threat landscape and the clear failure of previous efforts to “solve the problem” demands that we change our approach to cybersecurity in several ways. One key change involves enabling cybersecurity providers to share intelligence and cooperate in incident response. Each CTA member has access to different pieces of the intelligence puzzle, and CTA helps bring them together to understand the broader picture. This approach enables CTA members to gain rapid access to information they otherwise would not have, which in turn allows them to better protect their customers. Other members will use the shared data to identify high impact actions that will thwart multiple actors’ activities.
CTA is aimed at producers and consumers of threat intelligence. They want members who represent a broad swath of the digital ecosystem, regional players who strengthen CTA’s presence in key geographies, and enablers who give CTA visibility into key aspects of the threat landscape. They are particularly interested in bringing on new members with threat intelligence data who provide systems security, network security, cloud services, data protection, telecommunications services and endpoint protection, including mobile devices. They also look for members with expertise in Internet of Things (IoT) devices, industrial control systems (ICS), and other operational technology (OT). At its core, CTA is a member-driven organization, and all members are required to be able to connect to the CTA platform and meet their minimum sharing requirement of threat intelligence.