Global Resilience Federation Launches ProSIX Community for Professional Services Firms

Reston, VA, USA- May 23, 2019 - Global Resilience Federation (GRF) today announced the launch of Professional Services Information Exchange (ProSIX) to serve the threat intelligence sharing needs of firms in professional services industries including accounting, consulting and engineering, among others.

Through ProSIX, participating companies are able to receive and share warning and mitigation information on cyber, physical, geopolitical and systems vulnerability threats targeting professional services organizations. Working with ProSIX staff, members, vendor partners and government, firms can better defend their organization, customers, and data by leveraging threat information tailored to their needs and enriched and consolidated in a way currently unavailable in the marketplace.

The Verizon 2019 Data Breach Investigations Report tracked 157 breaches and 670 incidents in professional services, noting phishing and credential theft are on the rise. Verizon reported that companies’ financial staff were most likely to be compromised in fraudulent transactions, but executives made up 20% of incidents and were six times more likely to be compromised in professional services than the median for all industries summarized in the report.

“ProSIX meets a significant need in enterprise risk management,” said GRF Chairman and CEO Bill Nelson. “ProSIX is part of the GRF community of eight information sharing organizations offering many benefits:

▪       Enables members access to anonymously shared information which builds trust and protects member companies’ security and reputation;

▪       Leverages tactical and strategic intelligence from members, government, vendors, and cross-sector partners;

▪       Utilizes the Traffic Light Protocol, a widely accepted information sharing standard for communication and handling of information;

▪       Provides a venue for sector benchmarking, peer lessons learned and continuous improvement;

▪       Expands on a proven nonprofit information sharing model used in other sectors.”

ProSIX uses a customized communications portal compatible with standard formats like STIX/TAXII. Members can share alerts, discuss malware or other threats using chats and forums, share best practices, send and collect surveys and RFIs, and review important security documents in a repository. Members also gather on a biweekly analyst-led threat call to address pressing issues and exchange defensive solutions.

As part of ProSIX, members benefit from GRF eXchange which enables cross-sector, automated, multi-directional threat data distribution and consumption among many industries in real time. eXchange lets members incorporate data and threat feeds from GRF vendor partners as well, allowing integration of multi-source intelligence into a company’s existing security framework.

“This new threat information sharing community helps professional services companies meet the expectations of the marketplace while greatly contributing to their resilience, enhancing their security operations and reducing their overall enterprise risk,” added Gary Owen, Executive Advisor to GRF and former Time Warner CISO. “The launch of ProSIX enables professional services companies of all sizes to help secure an industry dealing with significant amounts of sensitive data and intellectual property.”

###

Global Resilience Federation (GRF) is a non-profit hub for cyber, vulnerability, physical and geopolitical threat intelligence exchange between information sharing and analysis centers (ISACs), organizations (ISAOs) and computer emergency readiness/response teams (CERTs) from many different sectors and regions around the world. GRF and its affiliated communities form a defensive network of more than 7,000 organizations operating across five continents. GRF members include Health ISAC, Oil & Natural Gas ISAC, Retail ISAO, Retail & Hospitality ISAC, Financial Services ISAC, Legal Services ISAO, and Energy Analytic Security Exchange. Learn more at www.GRFederation.org or by visiting @GRFederation on Twitter or Global Resilience Federation on LinkedIn.

 Professional Services Information Exchange (ProSIX) is a forum for companies to share cyber, physical, systems vulnerability and supply chain security information to protect their business, their employees, their customers and their data. Visit www.prosix.org for more information or go to @ProServInfoExch on Twitter or Professional Services Information Exchange (ProSIX) on LinkedIn.

 Questions may be directed to Patrick McGlone: pmcglone@grfederation.org or 443-465-7661