- 15 March 2004 15:04
Unisys Fortifies Australian Cyber Security
Australian companies can now take advantage of collaboration with the Cyber Security Information Sharing Project (CSISP)
Sydney, 15 March 2004¯Unisys has joined the Cyber Security Information Sharing Project (CSISP) initiated by ArcSight and the CERT Coordination Centre (CERT/CC), a major reporting centre for Internet security problems based in the United States.
Organisations that participate in CSISP gather and analyse information to help identify cyber threats early and defend against cyber attacks across the entire community. Unisys is the first commercial company to join the initiative and seven Australian organisations are already discussing subscribing to the service with Unisys.
"The greatest benefit of our collaboration in the CSISP initiative will be to Unisys clients," said John Ellis, senior security architect, Unisys Australia-New Zealand. "This formal and structured collaboration increases the visibility of potential global security events. It also enables Unisys to respond more quickly and effectively to potential threats to our clients' security and to initiate advances in security information sharing."
As a member of CSISP, Unisys will forward consolidated information on cyber attacks gathered from Unisys Security Operations Centres worldwide, to CERT/CC. Clients’ details will remain anonymous. CERT/CC will then consolidate and analyse the data along with similar information gathered by other participating organisations to create new ways to anticipate, identify and defend against rapidly emerging threats. Event correlation: how it works As part of its managed security services, Unisys has implemented a hierarchical event correlation infrastructure. Event correlation is the collection, consolidation and analysis of intrusion information from multiple and often diverse network devices. These include network and application firewalls, intrusion detection systems and virtual private networks.
Security experts use the information to detect potential attack patterns and to take preventive action well in advance of actual incidents taking place. For example, a router or a switching device on a network could both report differently about the same attempted worm attack with the end result of the assault going undetected. However, if the data from both devices are aggregated and analysed in real time by an event correlation engine containing rules about attack patterns, security experts can identify the threat and thwart it more quickly.
The information that Unisys will contribute as part of this collaboration will contribute to the global perspective on security events that will in turn benefit Unisys clients worldwide, including those in Australia. Data of significance captured by these regional Security Operations Centres (including information from satellite centres) is consolidated into a global event correlation engine. Because the engine is hierarchical, it enables Unisys to view patterns of activity in individual client networks, as well as to see and analyse aggregated global activity trends.
This formal commitment to worldwide security collaboration, and the use of the ArcSight event correlation engine, enhances Unisys Zero-Gap Security Services. These are advisory, implementation, identity management, access management, and managed security services that allow clients to address security requirements at all levels of their business.
About the CERT Coordination Centre The CERT Coordination Centre is located at Carnegie Mellon University's Software Engineering Institute in Pittsburgh, Pennsylvania, U.S.A. Established in 1988, the CERT/CC provides technical advice and coordinates responses to security compromises; identifies trends in intruder activity; works with other security experts, including AusCERT, to identify solutions to security problems; and disseminates information to the broad community. The CERT/CC also analyses product vulnerabilities, publishes technical documents, and presents training courses.
About ArcSight ArcSight is a leading provider of security risk management software that enables large organisations to achieve increased protection, more productivity and greater visibility from their security function. By delivering a single solution for event aggregation, real time analysis, incident investigation and reporting, ArcSight provides a coordinated infrastructure that maximises asset protection while decreasing overall costs. ArcSight features TruThreat Risk Correlation, which allows enterprises to focus on the protection of business assets by utilising vulnerability assessment data, asset value and real time alarm information to identify and manage true threats and attacks in real time. ArcSight's customers include major financial services organisations, government agencies, manufacturers and managed service suppliers such as Harris Corporation, Union Bank of California, Sandia National Laboratories, and Corio. More information can be found at www.arcsight.com
About Unisys Asia Pacific Unisys Asia Pacific provides its clients with specialised business services delivered by industry experts. Drawing on a history of innovation and expertise, Unisys Asia Pacific delivers services and solutions in Australia, New Zealand, China, Hong Kong, Indonesia, Korea, Malaysia, The Philippines, Singapore, Taiwan, Thailand and Vietnam. For more information, visit www.unisys.com.au
About Unisys Unisys is a worldwide information technology services and solutions company. Our people combine expertise in systems integration, outsourcing, infrastructure, server technology and consulting with precision thinking and relentless execution to help clients, in more than 100 countries, quickly and efficiently achieve competitive advantage. For more information, visit www.unisys.com