By Jesse Ward, Director of Industry and Policy Analysis, NTCA–The Rural Broadband Association
As you may recall, NTCA recently announced that it is exploring the creation of a new Cyber-Threat Information Sharing Forum for Small Network Operators.
A group of 44 small, facilities-based, small operators volunteered to participate in the pilot project, which provides a central, trusted environment to enable small network operators to share and receive information about cyber threats, vulnerabilities, best practices and/or mitigation activities that are tailored for the telecom and broadband business.
In April, NTCA conducted an initial, baseline survey of the pilot participants to understand their needs and capabilities. In response to the survey, 59% reported that they did not currently subscribe to/have access to cyber-threat intelligence feeds, and more than 50% did not currently participate in a cyber-threat information sharing forum.
Although these results are based upon a small self-selected group of NTCA’s membership, this further highlights the need for a robust information sharing forum to assist small network operators with understanding the current cyber-threat environment. If anything, those volunteering to participate in the pilot may be among the more aware and active in attempting to mitigate cyber risk, and the figures above therefore underscore the need for a forum tailored to the needs of smaller operators.
While participating in cyber-threat information sharing forums cannot guarantee that an organization will not experience a breach, experience shows that sharing information increases the ability to more effectively manage cyber-based risks.
Participants confirmed these advantages, noting that for those that do currently participate in information sharing forums, they found these venue(s) useful for general threats, vulnerability, and malicious activity warnings; mitigation information; and contacts with industry peers.
However, respondents also indicated that information derived from these existing venues can be overwhelming, stale and/or may not be relevant to their specific business/network. Indeed, as NTCA anticipated, current cyber-threat information sharing venues generally do not meet the unique needs of small telecommunications network operators.
NTCA’s cybersecurity pilot project seeks to address these gaps, creating a trusted venue to enable collaboration between small network operators – i.e. peer companies that are experiencing common challenges – while also providing a link to the global community of network defenders, including both private and public communities and Federal resources.
In addition, NTCA is providing pilot participants with curated content and reports, thereby creating one place for small network operators to learn about cyber threats and best practices.
In May, the pilot participants assisted NTCA with developing a foundational operating plan for the program that defines the policies, procedures and required technical tools to facilitate the bi-directional sharing of sensitive information among participants.
The pilot is now live; the operational phase of the pilot will take place from June 1–July 31, 2019. Pilot participants are currently:
- exchanging information via a variety of online platforms;
- participating in weekly virtual meetings to share cyber intelligence, hear from guest speakers, and collaborate with their peers; and
- receiving daily open source and weekly technical reports created by NTCA’s pilot support team.
As part of the weekly pilot calls, attendees have heard from a variety of guest speakers, including the DHS NCC Watch as to Federal resources available to small network operators; FireEye in regard to how small network operators can find and use indicators of compromise within their networks; and the FBI as to the tactics used by hackers for eSkimming credit cards online. Attendees have also engaged in robust conversations as to various cyber tools and vendors they are using to protect their networks and detect breaches.
A primary component and benefit of the pilot is curated content. Specifically, as part of the pilot, NTCA is creating and distributing a daily cyber-threat report summarizing open-source news items and alerts from DHS, and a weekly technical report on exploits and vulnerabilities.
Initial feedback from pilot participants has been positive, and the association looks forward to working with its members to further refine the forum to meet the needs of small network operators.
Stay tuned to NTCA’s online Stories of Innovation to learn more about the pilot and the association’s future plans.