After broadening and lowering its pricing, the Canadian Cyber Threat Exchange is now actively urging small and mid-sized business to join to help improve their awareness of and response to online threats.
Officially the new pricing categories, which start at $500 a year for organizations with up to 99 employees, started at the beginning of the year. Until then a small firm had to pay $5,000 a year, while mid-sized firms paid $20,000 a year.
With the expected refreshing of the CCTX web site today that includes publishing the new prices, it’s hoped the pace of recruitment will pick up.
The exchange, which began in early 2016 focusing on bringing in large enterprises like Air Canada, Bell Canada, Royal Bank of Canada and Telus who could pay for services such as data threat feeds and a private, secure portal where designated infosec pros can exchange messages.
Membership has grown to 50 organizations. With the new pricing and categories Mary-Jane Couldridge, director of business development, hopes it will at least double that in the next 12 months.
“For organizations in the past it was not affordable. It is now affordable,” she said in an interview. “Cost shouldn’t be a bar to companies coming on board,” added exchange executive director Robert Gordon.
The main part of the exchange delivers machine readable information through the Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) protocols. That’s fine for sophisticated infosec teams, but not for small organizations, who often have information security overseen by managed security providers.
To accommodate small firms the new entry-level associate membership category will deliver simpler threat information through email messages. “It helps business owner do their due diligence in terms of their legal obligation to protect their customer and corporation information,” said Gordon, “and helps them make an informed decision as far as what’s their relatively level of cyber resilience.”
Like all member firms, associate members are also entitled to log into CCTX webinars and attend conferences.
“As we get more companies in that space we want to make sure we design products useful for the small business owner,” Gordon added. CCTX is also designing webinars for small business with the help of the Canadian Federation of Independent Businesses (CFIB).
There are four other new categories. Each level allows an increasing number of staff to access the exchange’s secure information and forums and to attend conferences:
–Bronze (100 to 249 employees). $2,000 a year;
–Silver (up to 499 employees) $5,000 a year;
–Gold (up to 1,499 employees) $10,000 a year;
–Platinum (up to 4,999 employees) $25,000 a year;
Companies with more than 5,000 employees are Full members and pay $50,000 a year.
“What the CCTX does is also collaboration,” Gordon said. “It brings people together to try to understand what’s going on. Just giving an indicator of compromise isn’t enough.” So the private forums allows members to exchange best practices.” The first of these is a portal for the electric generating sector, with portals for other industries expected to be created.
CCTX holds its annual conference Feb. 26 in Toronto.