The LA Cyber Threat Intelligence Sharing Platform, or TISP, will serve as a new threat sharing platform that businesses can use to defend against would-be hackers.
The cloud-based platform, which allows for the collection and sharing of threat intelligence, was created by a partnership between IBM Security and the city's LA Cyber Lab, and was funded in part by a $3 million grant from the U.S. Department of Homeland Security, said the Office of LA Mayor Eric Garcetti. Its launch was announced this week at the LA Cyber Lab Security Summit 2019.
The first publicly available platform of its kind in the U.S., TISP is aimed at smaller, mid-sized businesses, offering threat tracking capabilities and trend analysis that otherwise wouldn't be accessible to companies of such size. It also comes with a mobile app, available through Apple and Google Play, designed to allow businesses to report and share information about potentially malicious emails.
“Public safety in the 21st century isn’t just about protecting our physical streets and neighborhoods — we need to protect the digital presence that is part of everyday life for our residents and businesses,” Garcetti said in a statement. “The Threat Intelligence Sharing Platform and mobile app will advance the LA Cyber Lab’s work that has made our city a national cybersecurity model, all while better defending Angelenos from cyberthreats.”
The LA Cyber Lab, which is a public-private organization dedicated to cyberdefense, was launched by Garcetti in 2017 and focuses on outreach, education and information sharing between the public and private sectors over cybersecurity matters.
"We wanted to help the business community by providing threat intelligence, and we realized that we needed to automate that and we knew we couldn't do it alone," said Joshua Belk, executive director for the LA Cyber Lab, speaking about its partnership with IBM.
The platform, developed by IBM, collects voluntary intelligence from government agencies, private businesses and other sources, and collates and analyzes it, according to Garcetti's office. The data submitted by partners and businesses go into bifurcated data lakes — with data from partners going into the platform, while information submitted through the mobile application goes into a different one, Belk said. The information from both can then be analyzed.
Appealing to smaller companies with less resources was an important element of this project, Belk said.
"As you look at the market and security industry, you see that larger corporations tend to have... security teams, they have tools," Belk said. "Medium businesses are somewhere in between, having some sort of collage of information and resources... Small businesses don't have anything at all. They either outsource security and IT altogether or they just don't do it and hope for the best," he said.
"What we're anticipating here is that we could connect with medium-sized businesses with the platform because those are the ones that would be able to ingest the information and use it...The app was an add on because we wanted to have a conversation with small businesses and allow them to be part of the enterprise solutions that traditionally have been the work of larger companies."
The information collected by the application brings "together the digital experience that each of us have," creating a situation where everybody benefits, said Kevin Albano with IBM Security Services.
"Victims [of threat intelligence response] often want to know how to share their experience but also want to ensure that they keep their data safe," said Albano. "The cloud platform allows us to be specific on what types of threats are out there, what can be shared, and it allows us to be very precise about the type of information we can bring together for a community like this."