Canadian Cyber Threat Exchange.
The CCTX is a private sector, not-for-profit, cross-sector and membership-funded cyber threat sharing hub and collaboration organization. It was launched in December 2015 and became operational in February 2017. The Board of Directors comprises senior private sector members and is supported by government and academic advisors. Membership in the CCTX is available to all privately-owned Canadian businesses and to multi-national organizations legally registered to conduct business in Canada.
The CCTX is operational now. Data is flowing into the CCTX Data Exchange and being analyzed and threat reports are being issued. CCTX Subscribers are participating in collaboration groups and are coming together to share best practices and solve cyber security problems.
The CCTX, through the CCTX Data Exchange, provides a current, focused view of cyber events directly impacting Canadian business, along with mitigation options and tools to combat identified threats. By aggregating data on threats, vulnerabilities and risks and analyzing this information to produce pertinent, timely and actionable intelligence, the CCTX adds value that it shares with participants. The CCTX Collaboration Centre is a forum for exchanging best practices, techniques and insights.
The CCTX is member-driven and governed by a Board of Directors. Each Director serves a two-year term and is elected by Members. Day-to-day management of the CCTX is the responsibility of the Executive Director, who is appointed by and reports to the Board. The CCTX’s business applications, infrastructure and training and logistical support services are provided by a Managed Security Service Provider, accountable to the Executive Director.
The CCTX provides a cross-sectoral, exclusively Canadian perspective. Cross-sectoral participation ensures a rich exchange of information and best practices. Subscribers have the opportunity to engage with customers and suppliers to improve cyber resilience. Many other information sharing analysis centres have a sector-specific domestic and international focus. CCTX information and analysis—which is based on public and private sector inputs of real cyber events affecting Canadian business—will not be diluted by international information that is not pertinent to Canada. At the same time, the CCTX operates with a global view of the cyber threat environment.
By participating in CCTX cyber threat intelligence and collaboration forums, Subscribers will be better prepared to mitigate or eliminate new and evolving cyber threats. They will be stronger not only as individual organizations, but collectively. Today, the private and public sectors do not have a consolidated view of cyber threats impacting the nation. The CCTX aims to meet this need.
The CCTX provides two significant benefits:
- Subscribers receive actionable cyber threat intelligence from the CCTX Data Exchange. This intelligence is based on input from all sectors of the economy. Cyber attackers are sharing their attack techniques across sectors, and CCTX Subscribers are informed about all of these techniques. The contextually-rich data that Subscribers receive improves their decision making.
- Through CCTX Collaboration Centre communities of trust and communities of interest, experts from Subscriber companies interact with other professionals to solve their cyber problems. This sharing can focus on a single issue, an attack campaign or the latest threats. Best practices, techniques, and insights from a diverse community of professionals are exchanged.
The CCTX is open to all privately-owned Canadian businesses and multi-national organizations legally registered to conduct business in Canada.
The CCTX is recruiting Subscriber companies of all sizes and from all sectors across Canada. Organizations interested in joining the CCTX should contact firstname.lastname@example.org.
CCTX Subscribers gain a focused perspective on cyber threats that could impact their business. They receive advanced mitigation information about cyber events in other business sectors that may migrate to their organization or sector. They collaborate with other cyber security experts in sharing best practices, techniques, and insights. Because cybercrime is global, CCTX members will be doing their part to help protect Canada from cybercrime that is undermining business.
The CCTX offers three levels of service to meet the needs of Canadian business of all sizes and means – Member, Associate and Affiliate. Member services provide a comprehensive set of information and participation options to meet the needs of large businesses with more than 5,000 employees. For smaller businesses, five levels of Associate services are available. Business associations are invited to participate as CCTX Affiliates at no cost.
The CCTX will provide easy to use information and toolkits to help individual Canadians address basic cyber security issues.
Access is restricted to authorized individuals from each CCTX participating organization. No public access is permitted.
Privacy is critical to the success of the CCTX. By providing solutions and services that incorporate internationally recognized Privacy by Design principles, developed by Dr. Ann Cavoukian, the CCTX will address privacy concerns head on. It will routinely monitor the effectiveness of privacy controls and will use a third party to audit operations and validate that privacy is being protected.
To provide a comprehensive Canadian perspective, threat intelligence will come directly from participant organizations, commercial companies who gather this type of information, government agencies, academic cyber research programs and other trusted sources.
The CCTX is fed anonymized structured and unstructured threat and vulnerability data from Subscribers and from government and commercial sources. Threat inputs are triaged, analyzed, processed and distributed to Subscribers. This process produces unique contextual information, rendering actionable intelligence that can be shared through message boards, secure e-mail, reports and the CCTX document repository.
The CCTX is not a Government of Canada initiative. The founding members consulted with Public Safety Canada, the lead agency for Canada’s Cyber Security Strategy, and the Communications Security Establishment on how the CCTX can best work with Government. For more information, contact Public Safety at email@example.com or the Communications Security Establishment at firstname.lastname@example.org.
The CCTX was the first organization to sign a collaboration agreement with the CCCS.
Information made available by the partnership with the new CCCS will be combined with the unique information provided by CCTX Subscribers to provide a much broader, contextually-rich feed of data to CCTX Subscribers. This combined data is analyzed by the CCTX Security Operations Centre, producing daily reports to help CCTX Subscribers set priorities.
CCTX Subscribers can anonymously and voluntarily share their cyber threat intelligence with the CCCS via the CCTX platform. Subscribers have absolute control over whether their information is shared with the CCCS or not. Subscribers also have the opportunity to comment on the value of the information received from the CCCS and to thereby help make it more useful.
The CCCS brings together:
- From Public Safety Canada: All functions of the Canadian Cyber Incident Response Centre (CCIRC) and the Get Cyber Safe public awareness campaign
- From Shared Services Canada: Some of the functions of the Security Operations Centre
- From the Communications Security Establishment: the entire IT Security branch
Combining CCCS public sector data with member-contributed CCTX private sector data is a powerful way to generate a unique cross-sectoral Canadian perspective.
Cyber threat actors — including foreign states, hacktivists, criminals and terrorists — continually probe government systems, looking for vulnerabilities to gain access to a computer system. Every day, thousands of attempts are made to compromise the integrity of government networks. The CCCS will provide indicators of compromise related to malicious activity seen on government networks. These are high-confidence indicators, such as IP addresses and domain names, compiled by the CCCS defence team.
CCTX Member services cost $50,000 annually. Fees for Associates vary, depending on the number of employees in the Subscriber company – see the chart below. Business Associations will be able to join as CCTX Affiliates at no cost.
|Number of employees||> 5,000||Platinum
|Subscription Fees||$50,000||$25,000||$10,000||$5,000||$2,000||$500||No cost|
|Number of employees||Subscription Fees|
The CCTX offers a variety of value-added information sharing and analysis options including cyber alerts, an ability to anonymously submit and receive threat intelligence, threat conference calls, participant surveys, membership meetings, and educational events. In addition, members can gain valuable insights and information from other CCTX Subscribers by participating in Communities of Interest and Communities of Trust. These communities are forums for professionals to interact to solve their cyber problems by exchanging best practices, techniques and insights.
The CCTX is a not-for-profit organization; the annual fees cover the costs of service delivery and administration.
Yes. Attendance at CCTX WebEx sessions can be used towards the continuing professional development requirements of several accreditation authorities, including ISC2, ISACA and PMI.