You are here

How ThreatExchange From Facebook Can Help Your Company

After Sony was attacked by hackers that ultimately took control of their IT infrastructure for days on end, many companies were looking at ways that they could increase their coverage of threats in order to avoid a similar fate.

Facebook and several other large partners like Yahoo decided that launching a private exchange that would facilitate disseminating threat information was worthwhile. Threatexchange is the net result of their collaboration in IT security.

Here are some ways that Threatexchange can help your company:

Structure is extensible: As Facebook says, "rather than focus on stories"- they have chosen to focus on making their platform extensible by creating an API that allows Facebook developers that know how to create applications a way to send a feed of information that will augment data that has already been shared. The upshot is that users who login in order to access information will be able to see full information from several different companies that are working on the same problem, sharing online. This makes the platform powerful because it is possible to track a threat as it evolves and spreads in the wild. 

The more the merrier: One of the most difficult and tedious things for businesses that go it alone when it comes to security is identifying threats and tracking them. By signing up and taking part in cyber threat information sharing, you will likely save budget that can be used for other expenditures. You will also probably shorten the amount of time that it takes to deal with a threat because you will likely be collaborating with others that help you to build a model or a picture of the threat from several different perspectives simultaneously. Another advantage to working together with other companies is that the variants of an attack that are inevitably launched when more than one company is hit will start to show up in a pattern that is discernible to someone who to that point was only receiving information specific to the attack launched on their own company.

There is consistency in data types: One Fortune 500 company's response to an increase in malware was to track the number of people hit and then provide an in-house solution that was built to counter the top reported threats. As countless pundits have pointed out, the problem for many firms is that how those threats are recorded and passed on does not follow the same type of format in most cases, leaving hours of work to put everything together when cyber security information analysis is about to be done. Threatexchange norms the addition of data about specific types of circumstances through the API, ensuring that everyone is playing on the same team and the same page at the same time.

Serious cyber security threats to large firms are growing, with the Cinqmode and Sony attacks representing a new level of threat that resembles corporate warfare. By accessing and signing up for a service like Threatexchange through Facebook, the notion that companies can pool their resources in order to solve a threat or problem will be on display for analysts to find merit with or not.