We recognise the rapid speed with which cyber security threats and defence strategies evolve. These times are also challenging due to a number of key economic pressures, even without the after-effects of the global pandemic.
The ideal cyber security program will make full use of available cyber threat intelligence and strategically include contextualised data across all cyber security functions in the organisation, driving future investment based upon educated risk assessments. Few will have the resources available to undertake this alone, and a collaborative approach is necessary to 'rise the tide and lift all boats'.
The aims of the Australasian Higher Education Cyber Threat Intelligence Uplift are to:
1. Reach a baseline maturity level across every institution by providing training material for the common processes and technological tools used for CTI sharing in the industry (MISP).
2. Cater for institutions with an existing degree of maturity, ensuring they are able to access tactical and operational threat intelligence using appropriate (machine to machine) methods.
3. Provide training and/or instructions for MISP integration of the commonly used tools for the NIST identify, protect, detect and respond steps such as SIEM, SOAR, firewall/filtering products. We will achieve this through some community-sourced case studies from those mature institutions who wish to share, and also in conjunction with appropriate vendors.
4. Continually introduce relevant new processes and technology as they become available. For example, through partnerships with Government and third partners (i.e., CI-ISAC), we are engaged in regular threat briefings, including other critical infrastructure sectors.
Ideally, when future cyber incidents occur it should be possible to quickly inform the community including appropriate C-level/decision makers and the practitioners in real time, and ALL institutions should be in a position to take necessary steps to identify, protect, detect and respond.
Over the next month we have several webinars scheduled to provide training, share case studies, and help the sector to continually improve this uplift process.