Pulled quotes from Health-ISAC:
In the early days of CISA 2015, these organizations were having trouble getting companies to share information generally. Now, the focus is on getting companies to share better real-time information, said Errol S. Weiss, the chief security officer for Health-ISAC.
The healthcare sector has seen a particularly sharp increase in attacks, and real-time sharing can help get organizations back online faster, Weiss said. When “a hospital has been attacked by ransomware, if they can actually share and get to the community what they know, there are others who may have very likely experienced the same ransomware or similar ones. And they can share with that current victim what they know — how to recover, the shortest path of mitigation, all of that — and hopefully be able to recover faster,” Weiss said.
He said he worries that progress in intelligence-sharing practices could regress if CISA 2015 isn’t renewed. However, he said, people are more at ease when they understand what information is being shared, Weiss said. It’s “things like IP addresses of known malicious activity, email subject line information, email attachments, or malicious URLs that we find in emails. Things of that sort,” he said.
Read the article in MLex [subscription required]. Click Here
