BLOOMINGTON, Ind.—OmniSOC, the shared cybersecurity operations center for research and higher education led by Indiana University, will join sister organizations in Australia, Canada, and the United Kingdom in a new cybersecurity threat intelligence-sharing partnership.
Using MISP, the open-source threat intelligence platform used world-wide by more than 6,000 organizations, OmniSOC and its global partners Australia’s Academic and Research Network, Canadian Shared Security Operations Centre, and Jisc will collaboratively leverage threat intelligence to help research and education organizations across the globe prevent and mitigate cyberattacks.
Combined with other threat intelligence sources … this global threat intelligence gives OmniSOC analysts a unique perspective. This is a great example of global collaboration in the face of a global threat.
Von Welch, executive director, OmniSOC
Cybercrime does not respect international borders, and there are often strong similarities in the method of attacks seen in different countries. Using the MISP’s automated warning system, OmniSOC and partner organizations can inform each other of attacks in real time, increasing the likelihood that they can either put in effective preventative measures, or reduce the impact of attacks. The formal partnership has just been launched following the signing of a memorandum of understanding in April.
“This platform will enhance OmniSOC’s ability to apply threat intelligence to the benefit of our members,” said Von Welch, executive director of the OmniSOC. “Combined with other threat intelligence sources, such as REN-ISAC and those shared by our partners, this global threat intelligence gives OmniSOC analysts a unique perspective. This is a great example of global collaboration in the face of a global threat.”
Other founding partners in this collaboration include:
Using the MISP’s automated warning system, OmniSOC and partner organizations can inform each other of attacks in real time, increasing the likelihood that they can either put in effective preventative measures, or reduce the impact of attacks.
“AARNet has been an active driver of security uplift initiatives for the research and education sector in recent years, spearheaded by the development of our security operations centre for Australian universities,” said Charles Sterner, chief information security officer at AARNet. “We see AARNet playing a key role in creating opportunities for people and groups with common challenges, both in Australia and globally, to achieve far better outcomes by collaborating than they would alone. This threat sharing agreement goes to the core of that vision and creates a base for building much larger collaborations focused on securing the sector. We are very grateful for the support of the Australian government for this initiative through the AustCyber Projects Fund.”
“CanSSOC’s motto is ‘Better than what we can do on our own, always in partnership’ because we recognize the value and strength built through coordinated and community-focused approaches to security threats,” said Isaac Straley, chief information security officer at CanSSOC and the University of Toronto. “This international partnership aligns closely with our ongoing efforts in Canada to bring together and provide services that can be consumed by a diverse set of institutions for broad benefit and protection against cyber threats. We’re eager to build on our existing relationships with Canadian sector partners and Canada’s NREN to tap into the services, expertise, and leadership of the international community, for the benefit of our sector as a whole.”
“The threat from cyber criminals is growing and constantly evolving and, if we are to stay ahead of the curve, we must continually update our knowledge and adopt agile response mechanisms,” said Steve Kennett, Jisc’s executive director of e-infrastructure. “As an automated platform, with real-time data sharing capability, MISP will help us to do that.” Kennet continued, “Jisc already works closely with other UK security agencies and its members to gather and share intelligence, which is crucial to maintaining robust cyber defenses. I’m delighted that we can now help extend that benefit internationally.”
About the OmniSOC
OmniSOC is the shared cybersecurity operations center for higher education and research. OmniSOC rapidly delivers only critical, actionable, high-quality alerts 24x7x365, allowing cybersecurity staff to focus on what’s important, at substantial cost savings, from a trusted leader in the higher education cybersecurity community. OmniSOC operates collaboratively across member institutions, reducing the time from first awareness of a cybersecurity threat anywhere to mitigation everywhere for our higher education institutions and research facilities members.