Skip to main content

Using Fusion Centers to Improve Situational Awareness

May 21, 2014

I have been having many discussions lately around the concept of threat intelligence fusion centers. If you haven’t heard of a fusion center, it is an idea originally created by the government to promote information sharing between federal agencies, the military, and state and local governments. According to the National Fusion Center Association, the goals of a fusion center are to integrate information and intelligence in order to enhance public safety; encourage effective, efficient, ethical, lawful, and professional intelligence and information sharing; and prevent and reduce the harmful effects of crime and terrorism on victims, individuals, and communities.

Over the past few years, fusion centers have been largely focused on cybersecurity, gathering collaborative intelligence to gain a higher level of situational awareness to prepare for and respond to threats. This is a tool mostly used by the public sector, but can also be valuable for private sector entities. Fusion centers can help organizations improve situational awareness by driving information sharing across different departments – to enable organizations to better recognize and analyze trends.

The way to build a threat intelligence fusion center is to have different business units (marketing, IT, legal, etc.) work together in the same physical location in order to easily share information and collaborate on events. Let’s look at a practical example of how a fusion center could discover a threat to an organization. Say that the marketing team recognizes a large amount of activity from a user downloading collateral and spending a lot of time on the pages. At the same time the IT team has identified a disabled user trying to infiltrate the organization’s internal network. And, what both of these groups don’t know is that the legal team is currently in litigation with a former employee accused of stealing intellectual property. On their own, each group recognizes this activity, but doesn’t have the holistic picture that these events are all related. A fusion center aims to recognize these trends so the company can put actions can be put in place to protect the organization.

When dealing with threats, context is key and the fusion center model focuses on bringing context to events that impact an organization. I have seen many DoD contractors and financial institutions use this concept. I think that it is beneficial for all industries and could be a useful new approach to managing threats and enabling collaborative response within your organization.


    James Robinson

By: James Robinson

Vice President, Third-Party Risk Management

See More

Related Blogs

June 28, 2017

Petya / Petna / NotPetya Ransomware Recommendations from the Trenches

Here we go again. Not long ago I updated a blog post containing actionable recommendations to protect your environment from ransomware threats, includ...

See Details

May 18, 2017

WannaCry Ransomware Recommendations from the Trenches

Approximately one year ago, I wrote a blog post containing actionable recommendations to protect your environment from ransomware threats. In the wake...

See Details

March 16, 2017

OCC Updated Guidance on Third-Party Risk

Recently, the Office of the Comptroller of the Currency (OCC), released updated guidance for bank examiners as they scrutinize third-party risk progra...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

October 31, 2013

CryptoLocker - The Latest in a Long Line of Ransomware

Since early September 2013, a new version of ransomware has been spreading around the globe using email attachments, embedded internet links and/or bo...

See Details

July 21, 2015

Network Security Solutions

Learn how we help protect your environment while maintaining connectivity.

See Details

January 12, 2017

Information vs. Cyber Threat Intelligence

Cyber threat intelligence should always enable decision making and action, but what good is a cyber threat intelligence program if you take no action ...

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.