The Los Angeles Cyber Lab, a nonprofit organization that provides free cybersecurity assistance to the city’s small and medium-sized businesses, on Tuesday announced a new mobile app and online threat intelligence platform.
The new tools, unveiled by Mayor Eric Garcetti, who chairs the lab’s advisory board, are hoped to educate businesses on common cybersecurity threats, like phishing, and automate some parts of the lab’s threat intelligence work, which is currently disseminated manually.
Businesses that partner with the lab, which launched in 2017, can in turn share internal company data, like log-in data, internal web traffic, and user account activity. Once a partnership is established, the lab’s executive director, Josh Belk, told StateScoop, the lab reviews the shared data, looking for indicators of compromise, data that shows whether or not a user account has been compromised or whether an email contained a phishing link, for example.
The lab currently sends emails manually five times a week letting its partner businesses know about potentially compromised data in the businesses’ internal networks. The new threat intelligence sharing platform would automate that, giving faster updates to businesses that don’t have the internal resources to consistently ensure their networks are secure, Belk said.
“The real focus is while we’re doing this enterprise-level interface with the business community,” he said. “We decided to create an app which would be available for anyone, but really focused on [small and medium-sized businesses], and their ability to validate fishing attempts.”
The mobile app is for even quicker validation, Belk said. Businesses can forward suspicious emails to a link provided by the lab, and the app will notify them within several hours whether the email contained any known cybersecurity threats.
“We’re not going to be able cover zero-day exploits or anything like that, but it’s a first step in a really good cause, but not the end-all, be-all solution,” he said.
The lab partners with IBM to provide local businesses with up-to-date cybersecurity information. Using IBM’s troves of threat-activity data, the lab can associate shared information with known threats. Belk said his team is often looking for patterns, such as shared wording or links in email headings. If the lab determines that a business has been compromised, it provides several options for the business owners to contact law enforcement, but no remediation or offensive capabilities.
The initiative is supported heavily by Garcetti, and Belk said it makes sense for the country’s second largest city by population to set trends. While New York City stood up its own cyber command center in 2017 to raise cybersecurity awareness for residents, the direct relationship that the Los Angeles lab has with businesses is unique, he said.
“I don’t know of a city that’s done a similar thing,” Belk said. “Cities are coming to us more than we are to them.”