Advertisement

Religious groups find their calling in threat sharing

Citing growing threats to donor data and religious websites, the FB-ISAO’s backers said it will fill a void by working with technology vendors to offer faith-based groups threat analysis.
The Washington National Cathedral (F Delventhal / Flickr)

When it comes to protecting faith-based organizations from hackers, divine intervention will only get you so far. Congregations, like any other collection of people, can benefit from trading threat intelligence to mitigate the spread of malware.

With that in mind, religious groups recently became the latest sector to create a threat-sharing hub by setting up the Faith-Based Information Sharing and Analysis Organization (FB-ISAO).

Citing growing threats to donor data and religious websites, the FB-ISAO’s backers said it will fill a void by working with technology vendors to offer faith-based groups threat analysis and make them more resilient to attacks. The organization, founded in June but publicized on Monday, is open to American citizens of all faiths.

Among the FB-ISAO’s services, promoted on its website, is a “simple, sensor-informed system and an intuitive user interface that integrates threat intelligence directly with your network. You won’t have to purchase high-cost equipment or software.”

Advertisement

Many faith-based groups collect information from their members and donors, making them a potential target for hackers.

“Faith-based organizations provide a sanctuary to those in need, but they often lack the foundational capabilities — information sharing, situational awareness and analysis — needed to make informed risk management decisions in today’s dynamic threat environment,” said William Flynn, president of GARDA Risk Management and an FB-ISAO board member.

“FB-ISAO is a trusted partner and addresses those gaps with resources to ensure the resilience of religious organizations,” added Flynn, a former critical-infrastructure specialist at the Department of Homeland Security.

A 2015 executive order from President Barack Obama encouraged private-sector groups to establish ISAOs to better share cyberthreat data. A host of sectors – from legal services to medical devices – have ISAOs as part of an effort to raise defenses against malware that might spill from one organization to another.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts