Religious groups find their calling in threat sharing

The Washington National Cathedral (F Delventhal / Flickr)


Written by

When it comes to protecting faith-based organizations from hackers, divine intervention will only get you so far. Congregations, like any other collection of people, can benefit from trading threat intelligence to mitigate the spread of malware.

With that in mind, religious groups recently became the latest sector to create a threat-sharing hub by setting up the Faith-Based Information Sharing and Analysis Organization (FB-ISAO).

Citing growing threats to donor data and religious websites, the FB-ISAO’s backers said it will fill a void by working with technology vendors to offer faith-based groups threat analysis and make them more resilient to attacks. The organization, founded in June but publicized on Monday, is open to American citizens of all faiths.

Among the FB-ISAO’s services, promoted on its website, is a “simple, sensor-informed system and an intuitive user interface that integrates threat intelligence directly with your network. You won’t have to purchase high-cost equipment or software.”

Many faith-based groups collect information from their members and donors, making them a potential target for hackers.

“Faith-based organizations provide a sanctuary to those in need, but they often lack the foundational capabilities — information sharing, situational awareness and analysis — needed to make informed risk management decisions in today’s dynamic threat environment,” said William Flynn, president of GARDA Risk Management and an FB-ISAO board member.

“FB-ISAO is a trusted partner and addresses those gaps with resources to ensure the resilience of religious organizations,” added Flynn, a former critical-infrastructure specialist at the Department of Homeland Security.

A 2015 executive order from President Barack Obama encouraged private-sector groups to establish ISAOs to better share cyberthreat data. A host of sectors – from legal services to medical devices – have ISAOs as part of an effort to raise defenses against malware that might spill from one organization to another.

-In this Story-

faith-based groups, information sharing, ISAO, religious groups, threat intelligence