On July 15, the FBI announced that they, along with an international coalition of law enforces, had shut down the underground global computer hacking forum known as ‘Darkcode’. This operation is likely to have required collaboration with over 12 countries and could potentially lead to the arrest of over 800 hackers. Information sharing at its finest.
In the business sector, according to a recent IBM survey, 42 percent of organizations believe collaborating with formal industry-related security groups will increase to 86 percent over the next three to five years. However, despite this increase and the the longstanding use of collaboration within law enforcement, collaboration between organizations is still somewhat stymied by security concerns, compliance and technical challenges. This is why we aim to enable and accelerate this move towards collaboration by addressing the roadblocks associated with bi-directional inter-company and multi-jurisdictional information sharing.
Comilion operates as a decentralized and fully automated platform that enables secure and private bidirectional secured collaboration within and between organizations in tightly-regulated environments. Some of the world’s leading financial institutions are already using our software to implement closed, self-managed communities to detect and mitigate cyber-threats in real-time on a global scale.
In fact, according to Gartner Inc., collaborative security is key. They too believe that threat intelligence sharing among disparate security technologies, business partners and other third-party or vertically aligned organizations should be a stated security program goal for detecting and mitigating cyber threats.
To alleviate security and privacy concerns, Comilion have created a premises-based platform that uses a completely decentralized peer-to-peer architecture which it deploys as a node on existing networks. It integrates with security infrastructures including SIEM systems, intelligence repositories and other security appliances. Comilion constantly identifies and shares threat indicators, malicious activity and critical security-related trends to authorized users to facilitate collaborative threat research and response between internal security groups or peer groups from different companies.
The Comilion platform has complete control over intelligence sharing. In order to prevent an organization’s data from being exposed to unintended internal or external peers, we enforce data ownership policies using TLP (Traffic Light Protocol). TLP is a set of designations used by US-CERT and others to ensure that sensitive information is only shared with the correct audience. This enables us to provide advanced sharing mechanisms including revoking shared data, timely data exposure, relevancy based sharing and more.
Decentralized, Secure, Automated
“Comilion is a good example of privacy by design. By restricting data sharing to the minimum amount necessary, while at the same time deploying state of the art encryption and de-identification technologies, Comilion secures the benefits of data sharing and manages risks to individuals’ privacy rights."
This description of Comilion from Omer Tene, Stanford Law school professor and Vice President of IAPP (International Association for Privacy Protection) highlights precisely what Comilion aims to achieve. At Comilion, we automatically monitor data sharing and enforce pre-defined rules to ensure compliance with all industries and geo-political legislations. At the same time, we include pre-built rules for all leading industry mandates including “Privacy by Design” practices, data protection, EU Data Protection Directive, SOX, BASEL III and more.
For iron-clad data privacy and trusted collaboration, Comilion uses a relevancy based sharing (RBS) model - a proprietary technology which enables sharing and exposure of the data to only affected organizations within each collaboration community. By automating the analysis and verification of each shared data item and threat indicator, we are able to ensure that information is only exposed to members of a community for whom it is relevant. This methodology guarantees that information privacy is protected at all times.
Comilion - Overcoming Roadblocks
Cyber collaboration between or within companies, across industries and with government agencies is at an impasse due to security concerns and technical implementation challenges. This is why we have developed a decentralized, secure and automated infrastructure that enables participants to maintain ownership of their data, avoid regulatory compliance violations and only receive data that is relevant to their environment. Comilion is proud to be defusing cyber threats by making secure collaboration between or within organizations possible.