Cyber-attacks have increased in frequency and sophistication, presenting significant challenges for organizations that must defend their data and systems from capable threat actors. These actors range from individual, autonomous attackers to well-resourced groups operating in a coordinated manner as part of a criminal enterprise or on behalf of a nation-state. Threat actors can be persistent, motivated, and agile, and they use a variety of tactics, techniques, and procedures (TTPs) to compromise systems, disrupt services, commit financial fraud, and expose or steal intellectual property and other sensitive information. Given the risks these threats present, it is increasingly important that organizations share cyber threat information and use it to improve their security posture. Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats.
Examples of cyber threat information include indicators (system artifacts or observables associated with an attack), TTPs, security alerts, threat intelligence reports, and recommended security tool configurations. Most organizations already produce multiple types of cyber threat information that are available to share internally as part of their information technology and security operations efforts.
MAX helps companies and agencies identify, assess, monitor, and respond to cyber threats through information sharing operations. Our Cyber Threat Information Sharing tools allow companies to obtain more knowledge, experience, and compatibilities of the specific sharing community. Some examples of cyber threat information include indicators, TTPs, security alerts, threat intelligence reports, and recommended security tool configurations.
By exchanging cyber threat information within a sharing community, organizations can leverage the collective knowledge, experience, and capabilities of that sharing community to gain a more complete understanding of the threats the organization may face. The principals at MAX were instrumental in the development of information sharing policies and can efficiently assist you in meeting your sharing goals.
MAX CEO Michael A. Echols (Mike), joined the International Association of Certified ISAOs (IACI), as the Chief Executive Officer after 7 years at the Department of Homeland Security (DHS). Mr. Echols developed and implemented cybersecurity strategies to assist DHS to meet its cyber mission by identifying opportunities to enhance the effectiveness of information sharing operations, technology partnerships and policy.
Mr. Echols managed teams shaping national information technology security as the Deputy Director of the Strategic Engagement and Cybersecurity Infrastructure Resilience Division where he was also the Director of the Cyber Joint Program Management Office (JPMO). Among his information sharing responsibilities were the classified Enhanced Cybersecurity Services Program (ECS) and Cybersecurity Information Sharing Collaboration Program (CISCP) with corporate membership representing 10% – 15% of the US GDP.
In 2015, Mr. Echols became the point person for the rollout of Presidential Executive Order 13691 – Promoting Private Sector Cyber Information Sharing. He created a Government, Industry, and Academic coalition that launched efforts to develop a national network of ISAOs and their governing rule set. He stood up the Information Sharing and Analysis Organization (ISAO) Standards Organization grant as well.