IEEE Forms Security Collaboration GroupBy Ericka Chickowski | Posted 2009-08-21 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Group will help standardize and stimulate collaboration between security researchers, who’ve traditionally struggled to effectively share information that could benefit the technology community.
The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA) is bringing together some of the biggest names in security to form a group that it hopes will better pool security knowledge and resources in order to fight the increasingly chaotic barrage of malware that enterprises face.
Announced this week, the Industry Connections Security Group (ICSG) started its roster growth with five large security vendors: Symantec, McAfee, Trend Micro, AVG Technologies and Microsoft.
According to the initial participants, ICSG will help standardize and stimulate collaboration between security researchers, who’ve traditionally struggled to effectively share information that could benefit the technology community with others at competing organizations.
"No one organization is capable of addressing the magnitude and sophistication of today’s threat. The problem demands a more cohesive response," Jeff Green, ICSG chair and senior vice president of McAfee Avert Labs, explained in a statement.
Though the security industry has seen many working groups form around specific hot button issues and security problems, ICSG’s backers say they formed the coalition because they believe that none of the cooperation stimulated by these groups has ever been standardized or documented in a way that systematically improves security or operational efficiency.
"The industry has fragmented itself among various siloed efforts designed to solve very specific problems, such as phishing and spyware," said Green. "ICSG offers us a unique opportunity to work collectively in a safe-harbor environment to advance innovation, more comprehensively address the security problem and deliver systematic improvements."
ICSG will start its efforts with a working group targeting malware. This first working group will make an effort to establish an effective way for ICSG members to share malware samples and information about them.
In this way, maybe security researchers can take a page from cybercriminals, who long ago found a way to collaborate and work within an efficient ecosystem.
"In the past few years, attackers have shifted away from the mass distribution of a small number of threats to micro distribution of millions of distinct threats," Vincent Weafer, vice president, Symantec Security Response, said in a statement. "This new data sharing standard initiative provides a framework for the development of new industry standards that enable the pooling of industry experience and resources, and will have visibility and review by the wider academic and industry groups."
Security service providers and other organizations within the channel with an interest in IT security can find information about joining ICSG at the group’s <a href=http://standards.ieee.org/prod-serv/indconn/icsg/ICSG_ICAID.pdf>website</a>. IEEE-SA is on a membership drive to bolster the security group’s roster.