What is different about ICASI?
ICASI has created a trusted mechanism for vendors to work together in a new, multi-lateral way to address international, multi-product security threats. Historically, companies have worked privately, one-to-one, or publically in large organizational forums. The ICASI structure extends those conversations and allows vendors to share sensitive information in a secure forum, thereby removing a critical obstacle to effective collaboration in the face of an emerging IT security threat.
Why does the industry need a new organization?
ICASI fills a critical gap in the global IT security landscape. This gap was highlighted by CEOs and senior leaders from IT and communications firms in a report to the President of the United States. They reported that, “[existing] operational response frameworks are not sufficient to keep pace with globalization and technological convergence…nor do they adequately include private sector participation in these processes.” ICASI addresses this gap by creating a forum for IT vendors to address multi-vendor attacks before they are the norm, thereby reducing risks to the global infrastructure.
SEE: National Security Telecommunications Advisory Committee, Report to the President on International Communications.
What incidents does ICASI respond to? How do we report them to ICASI?
ICASI is chartered to address global, multi-product security threats. ICASI does not respond to every threat. If you have an incident to report or other matter you believe needs urgent attention, please do not contact ICASI directly. Contact the security incident response team (SIRT) of the ICASI member company whose product you believe is most immediately impacted. That ICASI member response team will take the next appropriate step.
Does ICASI replace incident response teams?
No. ICASI is not a security incident response team (SIRT), a SIRT operations center, or a SIRT coordination center. However, ICASI has the capability to launch a coordinated response of its members’ incident response teams in the event of a major exploit that affects the global IT infrastructure and involves members’ products. While the anticipated frequency of these incidents is low, vendors want to be prepared. Therefore, ICASI works to proactively mitigate these types of threats by driving excellence and innovation in security response.
Who are the members of ICASI?
Founding Members of ICASI include Cisco Systems, IBM, Intel, Juniper Networks, Microsoft, and Nokia, and Amazon.com is a General Member. These leading global vendors conceived the vision and invested the resources to create a trusted forum for vendor collaboration. It is the intention and vision of all ICASI members that the organization will grow over the coming years as additional global vendors see increasingly sophisticated threats and growing interdependencies in current and future IT infrastructure, and elect to join with other forward-thinking companies.
How can my company become a member?
ICASI is seeking publicly-traded IT vendors with worldwide customer bases that have established threat response capabilities; are passionate about innovating new ways to address global, multi-product security threats; and are willing to commit the resources to achieve ICASI’s mission. For more information on how to become a member, see our membership page or email ICASI at membership@ICASI.org.
Have you seen an increased level of threat that has concerned you?
In the past few years, the industry has seen a dramatic shift from high-profile worms and viruses to difficult-to-detect attacks aimed at applications or specific IT functions. The increasing sophistication of attacks and the integration of applications from multiple vendors now common in global IT enterprise environments create four very real challenges for IT vendors:
- Rapid Attacks Require Rapid Response — Vendors must quickly create emergency fixes and patches to mitigate zero-day attacks* and at the same time, assess what impact, if any, their respective fixes will have on other vendors’ products and customer operations.
- Multi-Vendor Attacks — Vendors have an increasing concern that future attacks might simultaneously target multiple products or shared protocols across multiple products.
- International Attacks — Vendors currently lack a trusted mechanism that supports rapid global vendor response and coordination to address incidents of international origin or attacks that cross international boundaries.
- Multi-Vendor Information Sharing — Global vendors currently do not have a trusted mechanism for working together to identify, assess, and mitigate IT security challenges involving multiple vendors.
- ICASI is proactively addressing these challenges by creating a mechanism and forum to improve collaboration among global IT vendors.
* A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed, or unpatched computer application vulnerabilities.
Why is ICASI comprised only of global IT vendors?
ICASI is an industry investment to drive excellence and innovation in security response with the objective of mitigating and deterring the next-generation of attacks on global, multi-product IT infrastructures. Other established organizations offer forums for governments, academic institutions, and IT customers to discuss security threats. As a complement to those organizations, ICASI fills a gap for developers of global IT products and services to collaborate on the security challenges affecting their products and services.
Does the formation of ICASI mean individual companies are not doing enough to stay ahead of security threats?
No single company can solve all computer security threats. The threat landscape is rapidly evolving and increasing in sophistication. There is an emerging trend toward attacks that simultaneously target multiple products or shared protocols in multiple products. A focused, multi-vendor approach to rapidly drive global security response and security engineering innovation better protects all computer users worldwide from global, multi-product threats.
What governments does ICASI work with and how?
ICASI is structured to be government and vendor neutral. It is chartered as a global organization without specific government, political, or economic interests in order to focus on the purpose of protecting the global IT infrastructure and ecosystem. Governments may engage with ICASI for industry expertise and to address global, multi-product security issues.
What resources does ICASI have to pursue its mission?
ICASI is organized as a 501(c) (6) non-profit entity and will work to maintain a lean and agile organizational infrastructure to ensure that resources go directly to fulfilling its mission. ICASI members serve a large, global customer base and are therefore highly motivated to contribute expertise and resources toward innovating new ways to address global IT security threats affecting customers.
Will ICASI share the results of its work with the industry as a whole?
Yes, ICASI will share the results of its work through technical papers and other means.
What can we expect from ICASI in the future?
ICASI’s vision is to continually drive excellence and innovation in security response and to share it with the industry, global IT vendors, and customers.