Bank-funded cyber info sharing software released

Cyber threat info-sharing software developed with backing from major banking trade groups is now widely available.

The software, Soltra Edge, is built to collect cyber threat information from myriad sources and convert it into a standard, readable format for companies. The software was funded by banking industry groups.

However, “This is not a financial specific solution,” Soltra CEO Mark Clancy told The Hill. “We think we can get pretty large-sale adoption.”

ADVERTISEMENT

Roughly 75 companies have downloaded the software since its release late Tuesday. Several hundred firms across sectors are expected to sign up in the coming weeks, Clancy said.

“And we’ve not done a whole lot of direct outreach,” he added.

With cyberattacks and data breaches growing, companies have been working to establish cyber threat information-sharing programs to help defend their networks.

Thus far, much of the info-sharing has been sector specific — retailers have their own info-sharing programs, financial firms have theirs.

Government officials have encouraged companies to reach across sectors. The Justice Department released a memo in April saying antitrust concerns should not serve as “a roadblock” to sharing such information.

“Cyber threat information typically is very technical in nature and very different from the sharing of competitively sensitive information,” the agency said.

Clancy believes Soltra Edge can help break down these barriers.

He likened it to an email server that can receive messages in numerous formats and then translate the message into other formats, allowing companies to submit info from security firms, government agencies and industry-specific sharing programs.

But Congress must pass legislation for Soltra Edge to realize its full potential, Clancy acknowledged.

“I think it can be even better with legislation in the U.S.,” he said.

Lawmakers have been considering a bill that would enable private industry to share more cyber threat information with the government.

The bill has gotten mired in privacy advocates’ concerns that it does not properly prohibit the government from collecting Americans’ personal data.

Companies have argued they cannot completely share cyber threat information with the government without liability protection from Congress.

“The end-game solution for us does need a legislative underpinning to it,” Clancy said.

— Updated 6:09 p.m.