ETHOS: Bringing the OT Security Community Together for Threat Information Sharing

Tenable participates in a first-of-its-kind initiative that will aggregate information from several operational technology (OT) security vendors to share emerging threat intelligence with critical infrastructure service providers.

As critical infrastructure sectors continue to come under siege by malicious attacks on their networks and systems, getting an early warning about emerging cybersecurity threats can be the difference between continuous productivity and major disruption. But, unlike industries where service interruptions can cause mostly minor inconveniences, the impact of an attack on critical infrastructure can have devastating effects that should be avoided at all costs.

That is why Tenable has joined forces with 10 other OT cybersecurity industry leaders to collaborate on the development of ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic technology platform for sharing anonymous, early-warning threat information. Plans for ETHOS were announced today at the 2023 RSA Conference in San Francisco.

Driving collaboration and innovation to strengthen OT security

Along with Tenable, founding members of the ETHOS community include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric and Waterfall Security. By breaking down the silos across vendors in the OT security space, ETHOS will compare shared information to identify statistically significant behaviors, anomalies and indicators of new and novel attacks — for which there is no threat intelligence or known attack pattern available.

According to Marty Edwards, Tenable Deputy CTO - OT and IoT, “A big challenge for the OT industry is differentiating which threats pose an actual risk to an organization and where they are exposed to such risk. ETHOS is a vendor-agnostic initiative that aspires to cut through the noise by automating the discovery and dissemination of real-world threat information from its industry members. The goal will be to provide the entire community with more insights into threats targeting new and known vulnerabilities in OT systems. By working together, the OT security community is stronger and more cyber resilient.”

“A big challenge for the OT industry is differentiating which threats pose an actual risk to an organization and where they are exposed to such risk. ETHOS is a vendor-agnostic initiative that aspires to cut through the noise by automating the discovery and dissemination of real-world threat information from its industry members. The goal will be to provide the entire community with more insights into threats targeting new and known vulnerabilities in OT systems. By working together, the OT security community is stronger and more cyber resilient.”

— Marty Edwards, Deputy CTO - OT and IoT, Tenable

Organizations worldwide across both private and public sectors stand to benefit greatly from ETHOS, which will ultimately help them prevent incidents while maintaining availability of their critical services to the communities they support. With ETHOS, security and operations teams can strengthen their defenses and thwart the continuous threat of cyberattacks against critical infrastructure sectors.

Getting involved with ETHOS

ETHOS is a nonprofit entity run by an independent, mutual-benefit corporation across participating vendors. While founding member organizations will drive the initial cooperative development of ETHOS, any individual, organization or security vendor will be able to contribute to the open-source initiative, its direction and future developments. Interested parties can apply to become a member in June 2023.

ETHOS was created in response to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Shields Up initiative and the Biden Administration’s 100-Day Sprint, with the goal of reducing timelines for responding to novel threats targeting OT and critical infrastructure. The project is currently maintained by a community of developers focused on ensuring it grows to continue meeting the needs of cybersecurity practitioners who rely on actionable intelligence concerning emerging and novel cyberattacks. The ETHOS community adheres to a set of agreed-upon standard of core principles.

Tenable is excited to participate in this venture, and to continue helping our customers and the broader critical infrastructure ecosystem better protect themselves from new and evolving cyberattacks.

Learn more

• Visit the ETHOS Community
• Access ETHOS technology resources on GitHub