Open source information sharing for critical infrastructure early warning

Collaborative information sharing developed by ETHOS to help entire Operational Technology (OT) community rapidly identify, assess and respond to potential and emerging threats.

A group of OT cybersecurity leaders and critical infrastructure defenders introduce their plans for ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic technology platform for sharing anonymous early warning threat information across industries with peers and governments.

 

Founding ETHOS community members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security.

 

ETHOS will give critical industries a vendor-neutral option for information sharing to combat the growing number of cyber threats. An always-on, open-source solution that functions like a hotline to correlate information from many security vendors to identify anomalous behaviors will strengthen cybersecurity defenses across industries and ensure more effective government communication and support.

 

ETHOS is under initial cooperative development with the goal of sharing data to investigate early threat indicators and discovering new and novel attacks. As an open-source initiative, any individual, organization or security vendor may contribute to ETHOS, its direction and many future developments. General membership applications will be available in June 2023.

 

“The scale of threats facing critical infrastructure operators, and in particular Operational Technology networks, requires an approach to information sharing grounded in collaboration and interoperability,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “CISA is eager to continue support for community-driven efforts to reduce silos that impede timely and effective information sharing. We look forward to collaborating with such communities, including the ETHOS community, to improve early warning and response to potential cyber threats, while appropriately protecting sensitive information about our nation’s critical infrastructure community.”

 

ETHOS will collectively uncover and share emerging threats for which there is no threat intelligence or no known attack pattern available, across private and public sector stakeholders. ETHOS brings a vendor-neutral option to improve public/private sector cooperation for effective real-time information sharing across sectors and with governments. The success of ETHOS will mean fewer asset owners become victims of preventable cyber-attacks.

Certification's true value lies beyond speed, focusing on continuous system improvement for genuine...
Supermicro expands its AI edge computing solutions with Intel's advanced technologies, aiming to...
One Identity sets new course as an independent entity, focusing on identity governance with its...
A surge in AI adoption results in increased security concerns across UK and US enterprises, despite...
N-able introduces Shadow AI Visibility to monitor AI tool usage, enhancing organisational security...
Vanquis integrates Freshservice to streamline service operations, marking a development in its...
Scality and OVHcloud partner to deliver a sovereign cloud platform tailored for European digital...
Perforce Software has introduced updates to its DevOps tech stack, adding new tools for AI...