Anonymous Breach Reporting Can Improve IT Security Efforts
One frequent obstacle to improving IT security is that businesses, both small and large, that find themselves the target of an attack sometimes have incentives to avoid going public with information. While this is understandable from a public relations standpoint, it also means that other companies that could benefit from such information have no access to it. Businesses are generally required to admit to a breach only when it involves certain kinds of personal data, types that are protected by state or federal laws. Even in many of these cases, they need not go public, as long as they notify the individuals whose personal information may have been compromised.
Now, a new software effort at Georgia Tech Research Institute may change this ‘breach reporting’ landscape. The institute has developed a system that will allow both government officials and business representatives to share information about their experiences in the current threat environment. The program, regarded as a ‘malware intelligence system’, is officially titled ‘Titan’ and is currently in beta testing. Titan differs from many similar efforts in one key respect: it will allow those who contribute information to do so anonymously.
Titan's project leader, Chris Smoak, spoke about the importance of offering businesses IT solutions that enable them to contribute information anonymously: "People tend to think that if an organization gets hit, it was because they had poor security measures. That's not necessarily true, because a variety of factors contribute to intrusions. Until we get to the point that there's no longer a stigma attached to having an infiltration, people are going to want anonymity to participate."
In addition to spearheading Titan, Smoak heads the Cyber Technology and Information Security Lab at the institute. The Titan system is much more than a database of reported breaches. It also includes a repository of malware samples, and the system examines and classifies new code on a daily basis, sometimes as many as 100,000 pieces of suspicious code. Smoak sees Titan functioning in the future as a central hub that businesses and other interested parties can consult as needed.
Such central repositories are likely to become increasingly important as cloud computing continues to grow in scope and emphasis. A cloud computing paradigm, of course, involves confronting the threat environment online from moment to moment rather than only when workers happen to launch a browser. In such a computing environment, businesses are best served by using IT outsourcing so that highly qualified managed security providers can protect their information assets.