Automated Cyber Threat Intelligence Pilot Reduced States’ Response Times to Minutes
January 11, 2021
A pilot project testing an automated data feed of potential network compromises cut down the time needed to take defensive measures from days to a few minutes in the state and local governments that participated in the program.
Through the Indicators of Compromise Automation Pilot — conducted by the Multi-State Information Sharing and Analysis Center and a Johns Hopkins University research lab, with the backing of the Cybersecurity and Infrastructure Security Agency — participating agencies saw their response times following the detection of potential malicious activity drop from several days to just a few minutes, according to the Center for Internet Security, the nonprofit that operates the MS-ISAC.
“To automate the scoring, that’s the game changer,” said James Globe, the MS-ISAC’s vice president for security operations.