Introducing the IEEE Industry Connections Security Group
Monday August 17, 2009 at 8:49 am CST
Posted by Jeff Green
Agreement and collaboration have been two of the greatest challenges the security community has faced from the very beginning. In an effort to address this, The Industry Connections Security Group (ICSG), a new offering from the IEEE, allows like-minded companies to come together to solve industry or business problems that center on information security. Industry Connections is a program under the IEEE that allows for a fast start-up toward industry collaboration. It also offers the support and infrastructure of an established and well known brand—the IEEE itself. This effort will allow the group to focus on the work of security standards and problem solving, rather than being slowed down with issues such as incorporation or intellectual property matters. McAfee is proud to be a founding member of this effort.
The ICSG is a group of computer security organizations that will work together on common goals and industry issues. The key focus of our collaboration is to solve security issues. In the past few years, attackers have shifted away from mass distribution of a small number of threats to micro distribution of millions of distinct threats. ICSG was established, under the umbrella of the IEEE Standards Association (IEEE-SA) Industry Connections program, out of the desire by many of us in the security industry to pool our experience and resources in response to the systematic and rapid rise in new malware being introduced to the market. The bad actors have been able to leverage the underground economy and scale their efforts, they have access to specialist tools and services, and they collaborate and communicate effectively—whereas the security industry has been generally responding to threats as individual entities.
Although there has been some ad-hoc cooperation in the industry in areas such as malware and phish URL sharing, this cooperation has not been standardized or documented in a format that lends itself to systematic improvement in operational efficiency or visibility, or review by people outside the vertical industries. It is this collaborative and communicative gap that the ICSG looks to close. ICSG has been established to look at and deal with a wide variety of security issues in a forum that allows us to engage all types of industry verticals. We also anticipate that we can work with other efforts to help drive security standards in other areas.
ICSG currently has one team, the Malware Working Group, looking at malware, but the organization will add more as needs evolve. Malware growth has been meteoric for the last several years. As such, the Malware Working Group’s primary goal is to solve some of the malware-related issues the industry faces today. The initial focus will be to establish more intelligent ways of sharing malware samples and the information associated with them to make the computer security industry more effective at combating this ever-evolving threat.
The initial members of ICSG are McAfee, Microsoft, Symantec, Sophos, AVG, and Trend Micro. A number of other individuals have been involved in reviewing the initial document produced by the Malware Working Group, from a variety of companies involved in computer security. If you are looking to join or need info, contact us at:
• joinICSG@ieee.org, joinICSGMal@ieee.org, IndustryConnections@ieee.org
Procedures and policies that have been adopted can be viewed here. Information about the Malware Working Group can be found here.
August 19th, 2009 at 02:08
ICSG was established in October 2008, right?