Microsoft joins Cisco and IBM in security initiative

Microsoft is spearheading its second global security initiative in a week by setting up a scheme to try to tackle multi-vendor security threats.

The software giant is joining forces with Cisco, IBM, Intel and Juniper Networks, to form a "lean" organisation called ICASI (Industry Consortium for Advancement of Security on the Internet).

ICASI's aim is to tackle security threats which affect multiple vendors' products, without having to involve government organisations.

ICASI argues its creation is due to the fact that internet threats have evolved in complexity from simple worms and viruses to become sophisticated attacks across multiple products.

Its board of directors will comprise one executive from each of the five vendors.

"To date there has not been a trusted vendor environment that allows companies to identify, assess and mitigate multi-product, global security challenges together on the customers' behalf.

ICASI aims to fill this void," the organisation said in a statement.

"ICASI does not seek to respond to every product security issue...but is designed to respond to, and ideally reduce, the potential customer impact of global, multi-vendor cyber threats," it added.

Issues affecting a single vendor should be addressed by the security response team of that vendor, ICASI said.

The vendors say the new organisation will help them quickly share threat information. ICASI will be able to launch a joint response from its members' incident response teams in the case of a serious threat.

Microsoft's general manager of product security George Stathakopoulos said: "To truly improve online security and privacy, the industry must come together through dialogue, collaboration and consensus, and we believe ICASI represents a crucial step in that direction."

ICASI is said to be seeking further members, although applicants must be global publicly-traded security companies, according to its selection criteria.

They must be able to demonstrate "mature security incident response and engineering processes" and be approved by its board of directors.

Many global companies with interests in security are missing from the consortium, including Symantec, McAfee, Google and HP.

ICASI aims to compile its roadmap in the coming weeks and outline its first "accomplishments" in the autumn.

Microsoft said last week it was forming another security initiative. Along with Google, Novell and Oracle, it has set up the Information Card Foundation to develop technologies for securing digital identities on the internet.

See original article on scmagazineus.com