Nearly 30 agencies subscribe to UNICC’s common secure threat intelligence service
The United Nations family, in its unique position as a global, humanitarian body and a holder of large sets of sensitive data, is a natural target for hackers. To deliver its mission uninterruptedly, it is crucial that UN Agencies are able to prepare for, respond to, and mitigate risks associated with threats through a common approach to information security.
In support of this vision, UNICC launched in 2016 the Common Secure Threat Intelligence service, through which the organization shares timely, relevant and actionable cyber security threat and incident information that is sourced from member Agencies as well as commercial security firms, service providers, federal, state and local government agencies, law enforcement and other trusted sources, bridging the cyber community and the United Nations system.
Common secure threat intelligence services
Beginning in 2016 with a handful of subscribers, the service has grown to nearly 30 UN Agencies and related international organizations, including ADB, CTBTO, FAO, IADB, IAEA, ICJ, IFAD, IIIM, ILO, IMO, ITU, OECD, PAHO, UNCTAD, UNDP, UNESCO, UNFPA, UNHCR, UNICC, UNICEF, UNIDO, UN OIM, UNRWA, UNWOMEN, WFP, WHO, WIPO and WTO.
The Common Secure service features automatic dissemination of curated threat intelligence through a Malware Information Sharing Platform (MISP), credential theft notifications and an annual meet-up to enhance collaboration and build trust among subscribing partners.
In 2019, the conference was held at UNICC’s Centre of Excellence in Valencia, Spain, featuring vendor and regional stakeholder sessions as well as feedback, presentations and input from participating Agencies. The Common Secure Annual Conference scheduled for Istanbul in September 2020, due to the global pandemic, has been postponed to the week of 10 May 2021 at a venue yet to be determined.
The Common Secure team and platform can quickly triage, consume, enrich and disseminate cyber threat alerts along with other critical information for risk management. This service aids development of professional, trusted relationships among peers and subject matter experts and allows Clients to share information and mitigate threats from all angles, fostering collaboration among various types of organizations with the overall goal of working together to proactively protect organizational reputations and their privileged information assets.
A shared cyber security knowledge hub results in maximum impact and greater efficiency and effectiveness across the UN. With our experienced and certified cyber security experts, we enable our Agencies to create secure business solutions thereby making cyber security as a business enabler.Tima Soni, Chief, Cyber Security Section, UNICC
Nearly half of the subscribers are members of the premium service that includes a security risk rating and intelligence enrichment using proprietary data sets coming from both Open and Closed Source intelligence resources.
Moreover, the shared service provides maximum efficiency and cost savings. More Agencies are expected to join shortly, also bringing Common Secure threat Intel recipients a greater economy of scale. As an example, the monthly price for this services has decreased from around $6000 per Agency in 2016, to $950 today.
Creating a culture of Cyber Excellence
The Threat Intelligence service is part of the Common Secure Information Security Hub, a cybersecurity centre for inter-Agency collaboration. Historically, UN Agencies have worked in silos, each developing their own solutions. The development of a shared solution with expert and certified staff that all Agencies can leverage is a brand-new and innovative approach, for which UNICC has been awarded the 2020 CSO50 Award.
This hub meets countless strategic and tactical needs, with UNICC building relationships with the cyber community at large on behalf of the UN system, fostering a reputation and a culture of cyber excellence.