Security groups link up in Chain of Trust

Three major computer-security organisations have joined forces to form a group called the Chain of Trust in an effort to provide a stronger response to malware.

The initiative will seek to link security vendors, researchers, technology companies, network providers and online-safety groups to share information and good practice about combating malicious software.

The initiative, announced on Tuesday, will be lead by the Anti-Spyware Coalition (ASC), the National Cyber Security Alliance (NCSA) and StopBadware.org. The ASC focuses on spyware and other internet-based threats, while the NCSA focuses on outreach to children and similar groups. StopBadware.org is a blacklisting organisation.

"Strong security in any one organisation or sector is not enough to combat an agile, fast-evolving threat like malware, which exploits security breakdowns between entities," said ASC co-ordinator Ari Schwartz in a statement. ""We all need to work together to build a system that can withstand and repel the next generation of exploits."

The individual groups that make up the Chain of Trust each list several major technology companies and security industry leaders as members: for example, ASC has Microsoft and Yahoo as members, the NCSA lists Cisco and Symantec as partners, and StopBadware counts Google and Mozilla as supporters.

The first task for the Chain of Trust initiative will be to map the links between the organisations within the group, to identify weaknesses.

"Only by identifying all the vulnerable links and understanding how they connect to one another can malware fighters get a handle on the problem and begin to develop consensus solutions," the group said in its statement. It plans to produce a report on the mapping effort in the next six months.