Symantec Gov Symposium

Global Resilience Federation’s Cindy Donaldson on Cyber Information Sharing


We’re excited to have the Global Resilience Federation (GRF) involved in this year’s Symposium. Interested in learning more about this organization and the important work they do to support cyber information sharing? Read on for a Q&A with Cindy Donaldson, GRF’s President, and be sure to register for the Symposium to hear Cindy speak about the current threat landscape, the state of ransomware, and how we can fight back as a community.

What is Global Resilience Federation?

Global Resilience Federation (GRF) is a non-profit organization that serves as a hub for cyber, physical, and geopolitical threat intelligence sharing for information sharing communities supporting various sectors around the world. GRF provides member communities with industry specific warning and mitigation techniques and facilitates sharing among organizations facing similar attacks or using similar infrastructure or software. GRF Members include:

  • Financial Services Information Sharing and Analysis Center (FS-ISAC)
  • Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC)
  • Energy Analytic Security Exchange (EASE)
  • Health Information Sharing and Analysis Center (H-ISAC)
  • Legal Services Information Sharing and Analysis Organization (LS-ISAO)
  • National Retail Federation Retail Information Sharing and Analysis Organization
  • Multi-State Information Sharing and Analysis Center (MS-ISAC)
  • Retail Cyber Intelligence Sharing Center (R-CISC)

Many industries have specialized risk and attack vectors, which is why ISACs and ISAOs are so important, but there will also always be vertical-agnostic threats. GRF recognizes that and its sharing architecture is designed to support both scenarios.

Using a member-driven approach and an ISAC model that leverages 20 years of experience, GRF builds and/or expands the capabilities of ISACs and ISAOs, connecting them into a multi-industry network of information exchange for mutual defense. Working with other sharing communities, government, and private sector partners, GRF provides timely and actionable intelligence to members, enriched by GRF analysts, and tailored to meet the needs of the network and a specific community. GRF sends thousands of enriched reports and alerts a year on malware, systems vulnerabilities and other threats, and through its automated sharing platforms offers hundreds of thousands of industry-specific Indicators of Compromise every month.

Why did GRF become involved with the Symantec Government Symposium?

GRF understands the benefits of working with government to mitigate risk. In the United States, GRF works closely with National Cybersecurity & Communications Integration Center (NCCIC) and other U.S. Department of Homeland Security entities that provide insight into threats against critical infrastructure, vital infrastructure and other best practices to ensure the reliability of private industry in the United States. Like NCCIC, GRF works with many different industries. We have visibility into sectors ranging from oil and gas and electric utilities, to legal services and financial services. Just as government works to safeguard industry, connecting the dots of attack methods, targets and threat actors, GRF also flags threats to members that impact – or have the potential to impact – multiple communities or hop from one to another. We want to continue to see government and industry work together and improve their respective security practices for our mutual defense. The Symantec Symposium provides a great venue for cross-pollination of ideas.

How did you get involved in cybersecurity?

My career in cybersecurity started 22 years ago, and along the way I have worked in both the public and private sectors. My first job in cybersecurity started with a consulting company that supported the Federal Deposit Insurance Corporation where over the course of a few years I worked in access control, security awareness training, encryption, monitoring, and Y2K planning. We also held events to bring together Information Security Officers from various departments, so it was a great precursor to today with our focus on collaboration at GRF. But in between, I worked in a few Fortune 50 companies and some federal agencies. I was a co-author of the PCI Data Security Standard v2.0 and I’ve been the chief security officer of a large, global company. Working with great mentors, peers, and staff, I sought to advance cybersecurity in each of those roles but GRF provides the opportunity to make the largest impact. We engage with so many member companies, private security vendors, international security groups and government bodies that we have a huge footprint. Working with Symantec on their Government Symposium is yet another great opportunity to advance security in a critical area that affects so many of our members and partners in government.