Unisys Fortifies Global Cyber Security With CERT/CC and ArcSight; Collaboration Creates New Ways to Quickly Identify and Respond to Evolving Cyber Threats.Business Editors/High-Tech Writers BLUE BELL, Pa. & SUNNYVALE, Calif.--(BUSINESS WIRE)--Feb. 17, 2004 Unisys Corporation (company) Unisys Corporation - The company formed in 1984-5 when Burroughs Corporation merged with Sperry Corporation. This was when the phrase "dinosaurs mating" was coined. (NYSE NYSE See: New York Stock Exchange :UIS (graphics, programming) UIS - A VMS graphics programming interface package for VAXstations. ) has joined the Cyber Security Information Sharing See data conferencing. Project (CSISP CSISP Cyber Security Information Sharing Project ) initiated by ArcSight and the CERT Coordination Center The CERT Coordination Center was created by DARPA in November 1988 after the Morris worm struck. It is a major coordination center in dealing with internet security problems. (CERT/CC (Computer Emergency Response Team/Coordination Center) Part of the Software Engineering Institute of Carnegie Mellon University, CERT/CC is a major reporting center for Internet security problems. ), a major reporting center for Internet security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. problems. Organizations participating in CSISP gather and analyze information to help identify cyber threats early and defend against cyber attacks across the entire community. Unisys, a leader in managed security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the and the first commercial enterprise to join the initiative, will use ArcSight's security event correlation Event Correlation is the processes involved with reducing a large number of incident alerts to a much smaller, more manageable number within automated monitoring and incident/problem management in a Support Management System. software as a key tool for information capture and analysis. (See "Event Correlation Adds Value for Unisys Clients and CSISP Community") Unisys will forward to CERT/CC consolidated information on cyber attacks gathered from Unisys Security Operations Centers (SOC) worldwide, maintaining the anonymity of clients choosing to participate in the project. CERT/CC will consolidate and analyze the data along with similar information gathered by other participating organizations to create new ways to anticipate, identify and defend against rapidly emerging threats. "The greatest benefit of our collaboration through the CSISP initiative will be for Unisys clients," said Sunil Misra, Unisys chief security advisor. "By capitalizing on information gathered from and analyzed by members of this community, Unisys will gain increased visibility into the nature and evolution of potential global security events. That will enable us to respond more quickly and effectively to potential threats to our clients' security, and to advance the state of the art in security information sharing." Event Correlation Adds Value for Unisys Clients and CSISP Community To maximize the value of the cyber threat information it gathers, Unisys has implemented, as a key part of its managed security services offering, a global, hierarchical event correlation infrastructure based on ArcSight security risk management software. All participants in CSISP are using this software. Event correlation is the collection, consolidation and analysis of intrusion information from multiple, often diverse network devices, such as network and application firewalls, intrusion detection systems and virtual private networks. Security experts can use the information to detect potential attack patterns and take preventive action A preventive action is a change implemented to address a weakness in a management system that is not yet responsible for causing nonconforming product or service. Candidates for preventive action generally result from suggestions from customers or participants in the process well in advance of actual incidents. For example, a router or a switching device on a network could report differently about the same attempted worm attack, and the assault could go undetected. However, if the data from both devices is aggregated and analyzed in real time by an event correlation engine containing rules about attack patterns, security experts could identify the threat and thwart it more quickly. "Unisys brings an invaluable dimension to the CSISP project," said Rich Pethia, director of the CERT/CC. "As a leading global provider of managed security services to enterprises and governments, Unisys expands the spectrum of security event data available to the CSISP community and provides the depth and diversity required to understand the critical issues regarding information sharing." Initiative Advances U.S. Cybersecurity Strategy, Promotes Security Globally Initiated in July 2003 by ArcSight and CERT/CC, the CSISP initiative advances the Information Sharing and Analysis Center (ISAC ISAC Illinois Student Assistance Commission ISAC Istituto di Scienze dell'Atmosfera e del Clima (Italy) ISAC International Society for Analytical Cytology ISAC Iowa State Association of Counties ISAC Information Sharing Analysis Center ) model, a cornerstone recommendation of the U.S. National Strategy to Secure Cyberspace In the United States government, the National Strategy to Secure Cyberspace, is a component of the larger National Strategy for Homeland Security. The National Strategy to Secure Cyberspace was drafted by the Department of Homeland Security in reaction to the September 11, 2001 . ISAC is a concept that promotes information sharing among security organizations to help identify cyber attacks more quickly and respond to them better. The information Unisys contributes will provide a global perspective on security events that will in turn benefit Unisys clients worldwide. The ArcSight software has already been deployed in the primary Unisys SOCs in North America North America, third largest continent (1990 est. pop. 365,000,000), c.9,400,000 sq mi (24,346,000 sq km), the northern of the two continents of the Western Hemisphere. and Europe, with implementation in Australasia planned for later in the first quarter of 2004. Data of significance captured by these regional SOCs - including information from satellite centers - is rolled up to the global event correlation engine. Because the engine is hierarchical, it enables Unisys to view patterns of activity in individual client networks, as well as to see and analyze aggregated global activity trends. Implementation of the ArcSight event correlation engine enhances Unisys Zero-Gap Security Services, a suite of advisory, implementation, identity and access management, and managed security services that enable clients to address security requirements at all levels of their business. "This collaboration provides ArcSight with a tremendous opportunity to capitalize on Unisys expertise in delivering security solutions, extend the benefits of ArcSight software to Unisys world-class roster of clients, and team with Unisys to provide CSISP community members with new levels of protection for their critical business assets," said Robert Shaw, ArcSight chairman and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. . About the CERT Coordination Center The CERT Coordination Center is located at Carnegie Mellon University's Software Engineering Institute in Pittsburgh, Pennsylvania, U.S.A. Established in 1988, the CERT/CC provides technical advice and coordinates responses to security compromises; identifies trends in intruder activity; works with other security experts, including AusCERT, to identify solutions to security problems; and disseminates information to the broad community. The CERT/CC also analyzes product vulnerabilities, publishes technical documents, and presents training courses. About ArcSight ArcSight is a leading provider of security risk management software that enables large organizations to achieve increased protection, more productivity and greater visibility from their security function. By delivering a single solution for event aggregation, real time analysis, incident investigation and reporting, ArcSight provides a coordinated infrastructure that maximizes asset protection while decreasing overall costs. ArcSight features TruThreat Risk Correlation, which allows enterprises to focus on the protection of business assets by utilizing vulnerability assessment data, asset value and real time alarm information to identify and manage true threats and attacks in real time. ArcSight's customers include major financial services organizations, government agencies, manufacturers and managed service suppliers such as Harris Corporation, Union Bank of California Union Bank of California is one of the 30 largest commercial banks in the United States. It has 327 branches, the majority of which are in San Diego, Los Angeles and Orange Counties. , Sandia National Laboratories Sandia National Laboratories, which is managed and operated by the Sandia Corporation (a wholly owned subsidiary of Lockheed Martin Corporation), is a major United States Department of Energy research and development national laboratory with two locations, one in Albuquerque, New , and Corio. More information can be found at www.arcsight.com About Unisys Unisys is a worldwide information technology services and solutions company. Our people combine expertise in consulting, systems integration, outsourcing, infrastructure and server technology with precision thinking and relentless execution to help clients, in more than 100 countries, quickly and efficiently achieve competitive advantage. For more information, visit www.unisys.com. RELEASE NO.: 02178378 http://www.unisys.com/about__unisys/news_a_events/02178378.htm Unisys is a registered trademark of Unisys Corporation. All other brands and products referenced herein are acknowledged to be trademarks or registered trademarks of their respective holders. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion