Fortinet Inc. hopes a new partnership with the federal government will improve security information sharing between...
the public and private sectors.
The network security firm, based in Sunnyvale, Calif., recently signed a Collaborative Research and Development Agreement (CRADA) with the U.S. Department of Homeland Security (DHS) in order to share and receive vital threat information and improve both partners' information security capabilities.
Under the agreement, Fortinet will participate in the Cyber Information and Sharing and Collaboration Program (CISCP), which exchanges information between DHS and enterprises. This agreement also means that Fortinet will be obliged to share cyber threat and vulnerability information with the DHS.
"It's mutually beneficial to both, because if we have information going through this CRADA and through the U.S. government for some sorts of threats that may not be visible to us, we can build in that protection and ultimately protect that infrastructure that the U.S. government is interested in protecting," Derek Manky, senior security strategist at Fortinet, said. "Because we have such a large footprint and such a large intelligence network, if we're detecting attack activity that the DHS would not necessarily be seeing, we can send that to them as well and they can act on that and disseminate that through their channels to anyone else under CRADA."
As part of the agreement, Fortinet will be able to exchange security information with other CISPC participants. Manky said that most of the participants receiving this information would be the Information Sharing and Analysis Centers, which are organizations focused on the physical and cyber security of various vertical industries like financial services (FS-ISAC) and IT (IT-ISAC).
For Fortinet, the agreement has been a year in the making, according to Manky. There were many layers of non-disclosure agreements (NDAs), approval processes and lawyers to go through to make this agreement possible, he said.
In addition, Manky explained that Fortinet is following the Traffic Light Protocol (TLP) under the US-CERT (Computer Emergency Readiness Team), which means that information under green, amber and white classifications is exchanged. Red information is sensitive and requires additional clearance -- something Fortinet is working towards establishing, according to Manky.
Fortinet said it will participate in two more DHS programs under the partnership: the Enhanced Cybersecurity Services (ECS) Program, which shares sensitive and classified cyber threat information, vetted by the government, with participants; and the Cyber Resilience Review (CRR), which provides assessments on an organization's information security program and operations.
Fortinet's CRADA is a step toward an ideal of security through shared information between all sectors, Manky said. "We've connected the dots; we've hooked up the infrastructure," he said. "To me that's a significant milestone, because we're taking it from a conceptual stage to something that is real and tangible."
Learn why one expert believes government officials need a better understanding of infosec technology before the head of Homeland Security implements federal laws requiring data breach reporting and information sharing.