News from the Wire

New Soltra Network to strengthen cyber threat intelligence sharing

Monday, October 12, 2015 — 12:23:44 (EDT)

Sibos, Singapore; London; Hong Kong; New York; Reston, Va., Oct. 12, 2015 – Soltra™, a joint venture of FS-ISAC and The Depository Trust & Clearing Corporation (DTCC), today announced plans to launch the Soltra Network, a new network offering designed to connect cyber threat intelligence sharing across intelligence producers, intelligence consumers, communities and cyber security tools. The new service will work alongside Soltra’s existing threat information sharing platform, Soltra Edge™. Soltra Edge was developed in partnership with the financial services industry; its cyber security capabilities have been extended to other key segments, including the retail and healthcare sectors.

Today, Soltra Edge acts like a threat intelligence server that aggregates and distributes threat content within an organization and between organizations leveraging a peer-to-peer, firm-to-firm model. As envisioned, the new Soltra Network will connect Soltra Edge servers and route data between users in a hub-and-spoke model within a highly scalable, highly secure network. Users of the Soltra Network -- individual entities, groups, sharing communities, threat intelligence providers and cyber security solutions providers -- will authenticate and connect into the network, facilitating the flow of information in a federated, standardized way leveraging industry standard protocols including Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII). Users will be able to access the Soltra Network directly from Soltra Edge, which includes over 2,000 users since it was launched earlier this year. Organizations can continue to use Soltra Edge for peer-to peer sharing, as necessary.

Mark Clancy, CEO of Soltra and Board Member of FS-ISAC, said: “Information security should no longer be comprised of disparate, disconnected silos. Due to the overwhelming success of Soltra Edge, we’ve seen thousands of entities start to use standardized protocols to connect to peers and share information. We are now at the point where we have an opportunity to create additional efficiencies to facilitate the automated flow of millions of threat indicators across tens of thousands of entities. The Soltra Network is an important solution that has been designed to enable this information flow.”

The Soltra Network will codify industry standards and enable the best, most efficient use of STIX and TAXII for actionable threat intelligence. It will enhance the ability of organizations and communities to participate in multi-lateral information sharing amongst tens of thousands of entities, maintaining the highest fidelity of all source threat data. With strong authentication, the Network will increase trust for non-attributed submissions within and between sharing communities. To date, Soltra has focused on standardizing and automating the flow of intelligence with Soltra Edge. Now, Soltra is focused on making it even easier to take in high quality threat content, speed the time to decision and enable organizations to take more effective action to prevent and mitigate threats in a variety of ways.

Bill Nelson, President of Soltra and President & CEO FS-ISAC, said: “Information security must be modernized. Instead of dozens of tools, islands of data and disconnected communications, at Soltra, we want to leverage the strength of standardization and the power of the network effect, just like social media or mobile phone networks. We are going to make it simple and effective for users to get the right threat intelligence at the right time in order to defend entire communities. With the Soltra Network and Soltra Edge offerings, users can consume and share threat information that is in a standard format and have confidence that it is accurate, trusted and secure.”

A pilot version of the Soltra Network will be available to early adopter Soltra Members during Q4, 2015. The Soltra Network is expected to be available for FS-ISAC Members during Q1 2016 and generally available during the first half of 2016. Those that have joined the Soltra Membership program will be able to easily add access to the Soltra Network to their Membership plan.

About Soltra

Soltra, which developed Soltra Edge, is a joint venture between the Financial Services Information Sharing and Analysis Center (FS-ISAC), an organization focused on sharing critical cyber security threat information worldwide, and The Depository Trust & Clearing Corporation (DTCC), the premier post-trade market infrastructure for the global financial services industry. Soltra Edge is an on premise software solution that enables critical entities to import structured and unstructured threat information, standardize and organize that threat information using STIX formats, and instantly route that uniform threat intelligence via the TAXII standard to devices and analysts in order to take immediate action to prevent cyber incidents. The software takes only a few minutes to download, install and configure and a basic license is available at no cost. Learn more at www.soltra.com and download a free copy of Soltra Edge at forums.soltra.com .

About Soltra Edge

Soltra Edge is an on-premise software solution that collects threat intelligence from various sources, converts it into an industry-standard language and provides actionable intelligence to help users better protect their organizations against cyber threats and risks. Soltra Edge is designed for entities of all sizes, including those with limited security operations resources. Soltra Edge will also enable users to connect to the Soltra Network once it is available. The basic, feature-rich version of Soltra Edge is available for free and takes about 15 minutes to download and configure. Soltra Edge leverages open standards, including Structured Threat Information eXpression (STIX™), a uniform format for the threat information, and Trusted Automated eXchange of Indicator Information (TAXII™), an open standards protocol for routing that threat information.

About DTCC

With over 40 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From operating facilities, data centers and offices in 16 countries, DTCC, through its subsidiaries, automates, centralizes, and standardizes the post-trade processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers worldwide. User owned and industry governed, the firm simplifies the complexities of clearing, settlement, asset servicing, data management and information services across asset classes, bringing increased security and soundness to the financial markets. In 2014, DTCC’s subsidiaries processed securities transactions valued at approximately US$1.6 quadrillion. Its depository provides custody and asset servicing for securities issues from over 130 countries and territories valued at US$64 trillion. DTCC’s global trade repository maintains approximately 40 million open OTC positions and processes roughly 280 million messages a week. In the area of entity reference data, DTCC operates Clarient and Avox as well as, in collaboration with SWIFT, the GMEI utility, the largest of the local operating units in the Global Legal Identifier System. To learn more, please visit www.dtcc.com or follow us on Twitter @The_DTCC.

About FS-ISAC

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is a non-profit corporation that was established in 1999 and is funded by its member firms. The FS-ISAC is a member-driven organization whose mission is to help assure the resilience and continuity of the global financial services infrastructure and individual firms against acts that could significantly impact the sector’s ability to provide services critical to the orderly function of the global economy. The FS-ISAC shares threat and vulnerability information, conducts coordinated contingency planning exercises, manages rapid response communications for both cyber and physical events, conducts education and training programs, and fosters collaborations with and among other key sectors and government agencies. For more information, please visit www.fsisac.com .

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information: bankcardlife.com?orid=33533&opid=1 .

Source: Company press release.