Anton Chuvakin

A member of the Gartner Blog Network

Anton Chuvakin
Research VP
2+ years with Gartner
14 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

Coverage Areas:

On Security Data Sharing Research

by Anton Chuvakin  |  February 10, 2013  |  3 Comments

As I promised in my post On Security Data Sharing, we are starting a new research project on information security data sharing. Specifically, our research (joint with Dan Blum) will focus on how organizations can benefit from shared security data, what types of data can/should be shared, what are the barriers to sharing, what methods and protocols can be used and, most importantly, how to share/receive security data for enhancing your security defenses. We will look at the new commercial data sharing providers (RedSky, SecurityStarfish), ISACs (FS-, REN- … any others still alive?), and other organizations and will try to learn from both successes and failures (of which there are plenty, BTW).

So, here is my next call to action:

  • We have requested briefings from two commercial data sharing service providers and some ISACs. Other vendors, if you think you are closely related to security data sharing, got anything to say about it?  Here is a briefing link … you know what to do.
  • Enterprises, got a data sharing-related story to ..well… share? Hit the comments or email me privately (Gartner client NDA will cover it, if you are a client).

Related posts:

3 Comments »

Category: data security sharing     Tags: ,

3 responses so far ↓

  • 1 Glenn Merrell, CAP   February 13, 2013 at 6:33 pm

    Anton,
    This should be a productive and interesting discussion. I am interested to hear the differences between commercial information sharing for a fee, and information sharing from a funded organization serving the needs of Critical Infrastructure protection.

    Cheers!
    Glenn Merrell, CAP
    ICS-ISAC.org Workforce Development Director / Advisor

  • 2 Anton Chuvakin   February 14, 2013 at 12:29 pm

    First, thanks for the comment. If you are involved with ICS-ISAC, would you consider briefing us on its status, etc via http://www.gartner.com/it/about/vbriefings_faq.jsp

    Second, we’d be exploring this (commercial vs “public” sharing) and other issues in this multi-decade saga (started in 1998 with PDD63 if not earlier) towards information sharing.

  • 3 On Trust in Security Data Sharing   February 20, 2013 at 4:14 pm

    [...] On Security Data Sharing Research [...]