When I recently learned that Facebook had developed a social networking site with “security professionals” as the target audience, I leaped for joy. As a Soldier who has earned her graduate degree in Cybersecurity and who loves Facebook, I applauded the social networking website’s efforts. In February 2015, Facebook launched a platform called Threat Exchange, with the overarching mission of creating a unified front to share threat information. Specifically, the concept is to enable researchers and professionals to share information, learn from one another’s threat discoveries, and helping one another would ultimately result in making their own systems safer.
However, if you logon to Facebook, enter “Threat Exchange” in the search box, it takes you to a page where you will observe the following: there are a total of 9 “Likes” of the Threat Exchange organization page (to include my own), the “About” tab doesn’t have any descriptive information regarding the organization, the tabs “Photos” and “Videos” are blank, and you will be unable to see the other 8 people/organizations that liked the page. So while the notion of developing a site where “security professionals would share threat discoveries in hopes that informing one entity would enable others to strengthen their security program” seemed like it is too good to be true, the fact of the matter is that there isn’t any evidence of open source information sharing going on.
Mark Zuckerberg, best known for creating the social media site Facebook, is once again on the edge of innovation with his new cybersecurity forum.haring going on.
Threats like malware and phishing typically go after multiple targets, and a successful attack at one place usually makes it easier to take over systems elsewhere (Threat Exchange, n.d., para. 4). But if the site has no information, how does Facebook plan to develop this coordinated effort to defend against cybercrime?
When can we expect them to share and expand their threat analysis framework ThreatData?
The bigger question is, does Facebook do enough to help protect the personally identifiable information (PII) of their users? The purpose of using the social networking site is to interact and share with people you call your friends. Yes, we are to be held completely responsible for what we share, but the social networking site should continue to do more to protect the user’s experience.
So while Facebook has launched this information-sharing site that has no viable information on it, I believe they should concentrate their efforts on continuing to refine their security processes that would keep their users safe. Defining sharing boundaries and developing more viable ways to cultivate an environment that is conducive to the positive use of Facebook seems like a goal within reach. But I am all for being proven wrong, so if the Threat Exchange becomes all that it has been hyped up to be, then I will surely be one to ride the uniquely designed social media platform train. Choo Choo!
Are you ready to apply your skills in cybersecurity to help organizations manage their cyber risk? The NCI is offering programs and courses at the National Cybersecurity Institute. Join the world of cyber professionals!
Katharin Rice-Gillis began her military career in September 1996 by enlisting in the U.S. Navy where she served aboard the USS Simon Lake, USS Enterprise, and USS Iwo Jima. In 2005, she transitioned to the U.S. Army under Operation Blue to Green. She is a Chief Warrant Officer 2, possessing the technical Warrant Officer Military Occupational Specialties Marine Deck Officer (880A) and Electronic Warfare Technician (290A). She has served tours of duty in both Iraq and Afghanistan. In 2011, she received a Bronze Star for Leadership performance. With 19 years of active duty service and the intent to transition to civilian life in 12 months, Katharin is preparing for her next career. She has earned three degrees with Excelsior College: an Associate degree in 2009, a Bachelor of Science in 2013, and Master of Science in Cybersecurity in 2015. Currently, she serves as the Graham Resiliency Training Center’s Executive Officer in Fort Sill, Oklahoma and pursuing her Doctorate in Strategic Security program with Henley Putnam. She is a mother of 2 and a wife to a retired Army Soldier.
Facebook. (2014). Understanding Online Threats with Threat Data. Retrieved August 8, 2015, from https://www.facebook.com/notes/protect-the-graph/understanding-online-threats-with-threatdata/1438165199756960
Kumar, M. (2015). Facebook Launches Threat Exchange for Sharing Cyber Security Threats. Retrieved August 8, 2015, from http://thehackernews.com/2015/02/facebook-threatexchange-cyber-security.html
Threat Exchange. (n.d.). Learn About New Threats, Share Threat Information Back, Everyone Gets More Secure. Retrieved from https://threatexchange.fb.com