A group of operational technology cybersecurity leaders and critical infrastructure companies today launched a new open-source, vendor-agnostic technology platform for sharing anonymous early-warning threat information across industries with peers and governments.

Called ETHOS, for Emerging THreat Open Sharing, the platform is designed to give critical industries a vendor-neutral option for information sharing to combat the increasing number of cyberthreats. ETHOS is an always-on, open-source solution that operates as a hotline to collect information from security vendors to identify anomalous behaviors, with the goal of strengthening cybersecurity defenses and ensuring more effective government communication and support.

The founding members of the non-profit entity backing the platform include 1898 & Co. LLC, ABS Group Inc., Claroty Ltd., Dragos Inc., Forescout Technologes Inc., NetRise Inc., Network Perception LLC, Nozomi Networks Inc., Schneider Electric SE, Tenable Inc. and Waterfall Security Solutions Ltd.

Sharing data is key to the aim of ETHOS, with the group arguing that sharing data to investigate early threat indicators leads to the discovery of new and novel attacks. The platform will collectively uncover and share emerging threats for which no threat intelligence or known attack pattern is available across private and public sector stakeholders.

ETHOS will also offer a vendor-neutral option to improve public/private sector cooperation for real-time information sharing across sectors and with governments. The companies backing the platform claim that if successful, ETHOS will result in fewer asset owners becoming victims of preventable cyber-attacks.

Open-source from day one, ETHOS will accept contributions from any individual, organization, or security vendor, with general membership applications opening to all from June 2023.

“You cannot act on what you don’t see or know, but we’re fundamentally changing that through the creation of this vendor-agnostic platform and outstanding group of industry firms,” Daniel dos Santos, head of security research at Forescout, said ahead of the official launch. “Critical infrastructure is on the road to achieving a stronger security posture because of these efforts to streamline information sharing, and we’re proud to play a part in it.”

The initiative is also being given encouragement from the U.S. Cybersecurity and Infrastructure Security Agency, though it’s not a member.

“The scale of threats facing critical infrastructure operators, and in particular Operational Technology networks, requires an approach to information sharing grounded in collaboration and interoperability,” said Eric Goldstein, CISA’s executive assistant director for cybersecurity. “CISA is eager to continue support for community-driven efforts to reduce silos that impede timely and effective information sharing.”

Image: Needpix