Credit Unions - Threat Intelligence

CardTech · ‎04-19-2019

Hello all you who are Credit Union security Gurus. I am looking to see how many of you participate in some sort of Threat Intelligence sharing and how you go about passing relevant IoC's back and forth. Thanks.

CardTech · ‎04-19-2019

We identify any URL, IP or Hash that is not caught by our other security products and pass this information into our threat feed to share with others. All of the major players are part of the Cyber Threat Alliance, so if they didn't catch it, I like to think that its worth adding to our own personal threat feed and sharing with others.

AlecTrevelyan · ‎04-20-2019

The CTA members use STIX to share information between themselves:

https://www.cyberthreatalliance.org/what-we-do/

Info on STIX (and TAXII and CybOX) can be found here - these are the industry standards for sharing threat intelligence:

https://www.us-cert.gov/Information-Sharing-Specifications-Cybersecurity

CraginS · ‎04-21-2019

@CardTech wrote:
Hello all you who are Credit Union security Gurus. I am looking to see how many of you participate in some sort of Threat Intelligence sharing and how you go about passing relevant IoC's back and forth. Thanks.

Credit unions are part of the financial sector and should be involved with the range of security support activities in that sector. The key organization for just what you are seeking is teh FS-ISAC.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Other resources support the financial services sector, too.

DHS on the Financial Services Sector

Protecting Financial Institutions Against Cyber Threats: A National Security Issue (Carnegie Endowme...

Intelligence and National Security Alliance (INSA) on Financial Sector Security

The above list is far from exhaustive.

http://bfy.tw/NJyc

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts