ICASI has created a trusted mechanism for vendors to work together in a new multi-lateral way to address international, multi-product security threats. Historically, companies have worked privately one-to-one, or publically in large organizational forums. The ICASI structure extends those conversations and allows vendors to share sensitive information in a secure forum, thereby removing a critical obstacle to effective collaboration in the face of an emerging threat.

ICASI fills a critical gap in the global IT security landscape. This gap was highlighted by CEOs and senior leaders from IT and communications firms in a 2007 report to the President of the United States. They reported that, “[existing] operational response frameworks are not sufficient to keep pace with globalization and technological convergence…nor do they adequately include private sector participation in these processes.” ICASI addresses this gap by creating a forum for IT vendors to address multi-vendor attacks before they are the norm, thereby reducing risks to the global infrastructure.

National Security and Telecommunications Advisory Committee, Report to the President on International Communications, August 16, 2007 http://www.ncs.gov/nstac/reports/2007/NSTAC%20International%20Report.pdf

ICASI is chartered to address global, multi-product security threats. ICASI does not respond to every threat. If you have an incident to report or other matter you believe needs urgent attention, DO NOT CONTACT ICASI directly. Contact the security incident response team (SIRT) of the ICASI member whose product you believe is most immediately impacted. That ICASI member response team will take the next appropriate step.

No. ICASI is not a security incident response team (SIRT), a SIRT operations center, or a SIRT coordination center. However, ICASI has the capability to launch a coordinated response of its members’ incident response teams in the event of a major exploit that affects the global IT infrastructure and involves members’ products. While the anticipated frequency of these incidents is low, vendors want to be proactive; therefore, ICASI works to proactively mitigate these types of threats by driving excellence and innovation in security response.

Initial founding members of ICASI are Cisco Systems, IBM, Intel, Juniper Networks, and Microsoft. These leading global IT vendors conceived the vision and invested the resources to create a trusted forum for vendor collaboration. It is the intention and hope of the founding members that the organization will grow over the coming months and years. The founding ICASI members believe they are not the only global IT vendors that see increasingly sophisticated threats and growing interdependencies in current and future IT infrastructure.

ICASI is seeking publicly-traded IT vendors with a global customer base that have established threat response capabilities; are passionate about innovating new ways to address global, multi-product security threats; and are willing to commit the resources to achieve ICASI’s mission. For more information on how to become a member, see our membership page or email ICASI at membership@ICASI.org.

In the past 18 months, the industry has seen a dramatic shift from high-profile worms and viruses to difficult-to-detect attacks aimed at applications or specific IT functions1. The increasing sophistication of attacks and the integration of applications from multiple vendors now common in global IT enterprise environments create four very real challenges for IT vendors:

• Rapid Attacks Require Rapid Response — Vendors must rapidly create emergency fixes and patches to mitigate zero day attacks2 and at the same time, assess what impact, if any, their respective fixes will have on other vendors’ products and customer operations.
• Multi-Vendor Attacks — Vendors have an increasing concern that future attacks might simultaneously target multiple products or shared protocols across multiple products.
• International Attacks — Vendors currently lack a trusted mechanism that supports rapid global vendor response and coordination to address incidents of international origin or attacks that cross international boundaries.
• Multi-Vendor Information Sharing — Global vendors currently do not have a trusted mechanism for working together to identify, assess and mitigate IT security challenges involving multiple vendors.

ICASI is proactively addressing these challenges by creating a mechanism to improve collaboration among global IT vendors.

1 IBM Internet Security System’s “XForce 2007 Annual Trend Statistics” report.
http://www-935.ibm.com/services/us/iss/html/xforce-threat-insight.html

Microsoft’s “Security Intelligence Report - July through December 2007” report.
http://download.microsoft.com/download/f/f/d/ffd1f8b8-afcc-4ed1-a635-2caa8b96ac2f/
MS_Security_Report_Jul-Dec07.pdf

2 A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed, or unpatched computer application vulnerabilities.

ICASI is an industry investment to drive excellence and innovation in security response with the objective of mitigating and deterring the next generation of attacks on global, multi-product IT infrastructure. Other established organizations offer forums for governments, academic institutions, and IT customers to discuss security threats. As a complement to those organizations, ICASI fills a gap for developers of global IT products and services to collaborate on the security challenges affecting their products and services.

No single company can solve all computer security threats. The threat landscape is rapidly evolving and increasing in sophistication. There is an emerging trend toward attacks that simultaneously target multiple products or shared protocols in multiple products. A focused, multi-vendor approach to rapidly drive global security response and security engineering innovation better protects all computer users worldwide from global, multi-product threats.

ICASI is structured to be government and vendor agnostic. It is chartered as a global organization without specific government, political, or economic interests in order to focus on the purpose of protecting the global IT infrastructure and ecosystem. Governments may engage with ICASI for industry expertise and to address global, multi-product security issues.

ICASI is organized as a 501(c) (6) non-profit corporation and will work to maintain a lean and agile organizational infrastructure to ensure that resources go directly to fulfilling its mission. ICASI members serve a large, global customer base and are therefore highly motivated to contribute expertise and resources toward innovating new ways to address global IT security threats affecting customers.

Yes, ICASI will share the results of its work through papers and other media.

ICASI’s vision is to drive excellence and innovation in security response and to share it with the industry — global IT vendors and customers. Over the coming months ICASI will be finalizing its delivery roadmap and will share its first accomplishments later in the fall of 2008.