Tim Lane, Chair of the CAUDIT Cybersecurity Community of Practice has undertaken a research based study tour to the USA to visit key Cybersecurity threat intelligence and research institutions.
Tim, Cybersecurity and Client Services of Southern Cross University was joined by Ashley Deuble, IT Security Manager, Griffith University and Mike Holm, AusCERT Operations Manager, AusCERT with the tour being a jointly funded collaborative initiative sponsored by CAUDIT, QUDIT, AusCERT and AARNet.
One of the key business drivers and aims of the study tour was to better understand how an Australian Higher Education sector coordinated response to the need for a trusted Cybersecurity threat intelligence and information sharing analysis function might be served.
Institutions visited included:
- REN-ISAC – a 1500 member strong trusted Cybersecurity information sharing community headed from Indiana University, with strong intel sharing partnerships established with hundreds of USA Universities, EDUCAUSE, Internet2, FBI, DHS,US-CERT, HEISC, Indiana University Global Research NOC, Microsoft etc
- The National Cyber Forensic Training Alliance (NCFTA) – an international agency which partners directly with a range of private and public entities globally to monitor Cybercrime activity in ransomware, malware and phishing for the purpose of research and attribution action
- Carnegie Mellon University Software Engineering Institute (CMU SEI) – the CERT and Cylab were visited, which showcase leading research, practices and collaboration in Cybersecurity and related streams
- Washington – the FBI and Department of Homeland Security (DHS) – to gain further insight into Cybercrime trends, intel and operations as well as discuss Information Sharing Analysis Centres and the potential role for Australia’s Universities inclusion in National Critical Infrastructure Protection (NCIP) status.
The research tour provided extensive insight into not only operations and success criteria for ISACs but provided insight into the state of Cybersecurity in the USA, responses to partnerships and collaboration, and highlighted the benefits of establishing an information sharing trusted community to assist with intel on threats, operations and mitigations.
This information will be very beneficial in helping steer AusCERT’s ISAC-SOC proposal towards better meeting University requirements.
A formal report including findings and recommendations will be prepared for CAUDIT in the coming weeks. Further information about the Cybersecurity Community can be found here.