Open source information sharing for critical infrastructure early warning

Collaborative information sharing developed by ETHOS to help entire Operational Technology (OT) community rapidly identify, assess and respond to potential and emerging threats.

  • Monday, 24th April 2023 Posted 1 year ago in by Phil Alsop

A group of OT cybersecurity leaders and critical infrastructure defenders introduce their plans for ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic technology platform for sharing anonymous early warning threat information across industries with peers and governments.

 

Founding ETHOS community members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security.

 

ETHOS will give critical industries a vendor-neutral option for information sharing to combat the growing number of cyber threats. An always-on, open-source solution that functions like a hotline to correlate information from many security vendors to identify anomalous behaviors will strengthen cybersecurity defenses across industries and ensure more effective government communication and support.

 

ETHOS is under initial cooperative development with the goal of sharing data to investigate early threat indicators and discovering new and novel attacks. As an open-source initiative, any individual, organization or security vendor may contribute to ETHOS, its direction and many future developments. General membership applications will be available in June 2023.

 

“The scale of threats facing critical infrastructure operators, and in particular Operational Technology networks, requires an approach to information sharing grounded in collaboration and interoperability,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “CISA is eager to continue support for community-driven efforts to reduce silos that impede timely and effective information sharing. We look forward to collaborating with such communities, including the ETHOS community, to improve early warning and response to potential cyber threats, while appropriately protecting sensitive information about our nation’s critical infrastructure community.”

 

ETHOS will collectively uncover and share emerging threats for which there is no threat intelligence or no known attack pattern available, across private and public sector stakeholders. ETHOS brings a vendor-neutral option to improve public/private sector cooperation for effective real-time information sharing across sectors and with governments. The success of ETHOS will mean fewer asset owners become victims of preventable cyber-attacks.