Automated Cyber Threat Intelligence Pilot Reduced States’ Response Times to Minutes

January 11, 2021


A pilot project testing an automated data feed of potential network compromises cut down the time needed to take defensive measures from days to a few minutes in the state and local governments that participated in the program.

Through the Indicators of Compromise Automation Pilot — conducted by the Multi-State Information Sharing and Analysis Center and a Johns Hopkins University research lab, with the backing of the Cybersecurity and Infrastructure Security Agency — participating agencies saw their response times following the detection of potential malicious activity drop from several days to just a few minutes, according to the Center for Internet Security, the nonprofit that operates the MS-ISAC.

“To automate the scoring, that’s the game changer,” said James Globe, the MS-ISAC’s vice president for security operations.