New center will provide much-needed cyber security for U.S. private sector

The Cyber Incident Detection Data Analysis Center (CIDDAC), the first real-time cyber threat sharing system implemented to protect the nation's critical infrastructure, announces the opening of its National Operations Center at the University of Pennsylvania ISTAR (Institute of Strategic Threat Analysis and Response) laboratory...

Apr 21st, 2005

PHILADELPHIA, April 20, 2005 (PRNewswire) -- The Cyber Incident Detection Data Analysis Center (CIDDAC), the first real-time cyber threat sharing system implemented to protect the nation's critical infrastructure, announces the opening of its National Operations Center at the University of Pennsylvania ISTAR (Institute of Strategic Threat Analysis and Response) laboratory.

CIDDAC will fundamentally change the way the U.S. responds to criminal and terrorist use of the Internet by providing voluntary automated incident reporting to law enforcement when security breaches occur, while protecting the identity and privacy of its members and their data. It's a non-profit organization that integrates private, public and government cooperation to facilitate the real-time sharing of cyber attack data.

"The CIDDAC method of gathering cyber threat data is done in such a way that the private sector can both report and benefit from such data without worrying about the government accessing their internal network," said Charles "Buck" Fleming, the center's executive director. "The rapid sharing of such crucial information will allow U.S. companies and the nation as a whole to operate more securely and smoothly."

CIDDAC works by connecting an intrusion-monitoring machine, known as a Real-time Cyber Attack Detection Sensor (RCADS), to a corporate network. While RCADS is not connected to any actual corporate production systems, it appears to intruders as just another machine on the network. The RCADS is also linked to the CIDDAC NOC, which quickly alerts both law enforcement and other member organizations once a threat is detected. The identity of the reporting company remains confidential.

Fleming said privacy protection is a basic requirement of CIDDAC.

"Protection guarantees by statute and the Constitution are essential elements of any data collection activity," said Fleming. "The private sector needs to drive this effort -- in partnership with academia, government and law enforcement -- for it to be successful."

While law enforcement does not access private corporate data, it is able to compile attack signatures. These cyber signatures are then profiled in order to provide government investigators the data necessary to more quickly identify, locate and neutralize cyber threats.

"Rapid information sharing is vital to combating cyber criminals," said John C. Eckenrode, Special Agent in Charge, FBI, Philadelphia Division. "A victim of a cyber attack must be able to collect and analyze a large amount of data in a short period of time to identify the attacker. The private sector must take the lead in identifying significant cyber threats and be willing to share that information with other businesses and law enforcement if we ever want to effectively reduce the threat of cyber attacks."

Companies, organizations and government agencies involved in critical national infrastructure sectors such as banking, electrical power, gas and oil, telecommunications, 911 services, water, transportation and government services are encouraged to join CIDDAC. For an annual fee, members receive one RCADS device for network deployment, a full year of 24/7/365 monitoring, direct access to the CIDDAC operations center, alert services and trend analysis reports.

CIDDAC will be located at the ISTAR laboratory at the University of Pennsylvania. ISTAR focuses on international and domestic events that threaten and impact the nation and democracies around the world, and it supports innovative projects in the field of strategic threats.

The Cyber Incident Detection Data Analysis Center (www.ciddac.org) is a non-profit organization established to manage an automated cyber attack early warning system. The CIDDAC prototype in Philadelphia, Pennsylvania has been established to collect, analyze and respond to real-time cyber attacks against participating businesses. Cyber attack data collected and analyzed by a fully operational CIDDAC will provide critically needed data for research and development of real security solutions and provide a unified defense of serious cyber threats. For more information on CIDDAC, call 877-905-0777.

###

More in Infrastructure Funding