Global Cyber Alliance – an organization founded by the New York County District Attorney's Office, the City of London Police and the Center for Internet Security – will be collaborating with M3AAWG to push the security community to more quickly adopt concrete, quantifiable practices that can reduce online threats. The non-profit GCA has joined the Messaging, Malware and Mobile Anti-Abuse Working Group, which develops anti-abuse best practices based on the proven experience of its members, and M3AAWG has become a GCA partner for the technology sector.
Launched in September 2015, Global Cyber Alliance's mission is to confront, address and prevent malicious cyber activity and improve the security of the connected world. It identifies and prioritizes areas of systemic cyber risk concentrating on measurable achievements, and has established Cyber Security Strategic Action Centres (CSAC) in New York and London.
In a recent announcement, GCA revealed that its first strategic area of concentration will be phishing with a focus on two solutions shown to be effective at combatting it: implementation of DMARC to limit spoofing of email and secure DNS practices to minimize the effect of phishing and other attacks.
M3AAWG has actively supported DMARC since its inception. It has also developed materials to help the industry fight phishing, including a video on using DNS "response policy zones” to protect against illegitimate websites, anti-phishing best practices for mailbox providers, and best practices to avoid potential problems for "parked" domains where email is not enabled.
GCA will also participate in ongoing M3AAWG work and the two M3AAWG North American general meetings and its annual European meeting. The M3AAWG 37th General Meeting will be June 13-16 in Philadelphia, Pa., U.S.A., with over 50 sessions including the co-located i2Coalition annual meeting.
M3AAWG Chairman of the Board Michael Adkins said, "The most effective best practices won't amount to much if the industry neglects them. At M3AAWG, we're able to tap into our members' experience to identify what processes are working against cyber threats around the world. Even so, it can be challenging to achieve the widespread implementation of these practices to protect the ecosystem. GCA's focus on cross-sector implementation and measurement will address some of the confusion and apathy in the industry, and will help mitigate cyber risks."