The days of highway banditry and high-profile bank robberies are fading away as more criminals are turning to their computers to steal vital information from consumers and businesses.
Due to the prevalence of cyberattacks, organizations are partaking in intelligence-sharing communities in order to remain cognizant of the latest infiltration tactics deviants employ. Microsoft is taking a stance on the matter, offering a new platform that is sure to be featured in Microsoft certification courses and other educational programs.
Staying ahead of their tactics
Microsoft’s offering, dubbed “Interflow,” allows users to create communities through which information can be automatically exchanged between authorized companies, Dark Reading reported. The source noted that Interflow is a cloud-based provision available through Azure, using a machine-readable format that feeds data into firewalls, intrusion detection systems and other computing security deployments.
Bypassing manual notification
Interflow’s automated processing is appropriate given the nature of cybercrime. Dark Reading acknowledged that financial services, health care providers and retailers all partake in information sharing and analysis centers, but discussions are often initiated well after an attack has occurred.
Serdar Yugulalp, a contributor to InfoWorld, recently spoke with Malwarebytes’ Head of Malware Intelligence Adam Kujawa, who noted that although exchanging intelligence may be effective, a backlog of data can be amassed when manual techniques are employed.
“Microsoft seems to have taken this fact into consideration and allowed for specialized intelligence to be gathered using their Azure cloud technology with plug-ins that gather and output the intelligence in the forms that are most useful to the users,” Kujawa told Yugulalp.
The protocols it follows
For those interested in enrolling in Microsoft training to gain more knowledge of the system, the software itself doesn’t utilize original algorithms – standards are simply harnessed in a different manner.
Yugulalp acknowledged the following protocols Interflow uses:
- Structured threat information expression
- Trusted Automated Exchange of Indicator Information
- Cyber Observable Expression Standards
Couldn’t have come at a better time
It’s a wonder why a system such as Interflow wasn’t developed sooner. However, the tardiness of this arrival makes sense when you look at it from a competitive standpoint. Yugulalp spoke with fellow InfoWorld contributor Roger Grimes, who noted that some tech companies may have feared becoming irrelevant.
“Most companies don’t want to give away such telemetry for free. Information is power,” he told Yugulalp. “When a security company has that information, it’s going to be better at protecting us from those threats than we would be on our own.”
It appears that Microsoft would rather have its customers be prepared for the worst rather than suffer the consequences of a cyberattack.