There are many “free” cybersecurity tools out there, but it seems like there are just a handful that actually are having a positive effect on the global security issues of today. To offer two of these impactful tools, as Global Cyber Alliance (GCA) does, is truly noteworthy, and they have the stats to prove their effectiveness. I ran across GCA for the first time only recently at a conference where I heard Ms. Maryam Rahmani speak about GCA’s offerings and future endeavors. I was immediately impressed that they not only had a few solid offerings but backed them up with implementation help. I was also pleased to find out that they actually took metrics on the effectiveness of their offerings, which is oftentimes much more than what happens when you pay for an offering. So to not take any more of Maryam’s thunder, check out the interview below with Active Cyber® to learn more about GCA and Maryam Rahmani.
Spotlight on Ms. Maryam Rahmani
Read her bio below.
November 20, 2018
Chris Daly, Active Cyber: Please provide some background on yourself and your organization. Why was GCA formed and when? Who are the founding members? What is your key mission and messaging and how is GCA unique? What is your role and responsibilities and how did you personally become connected to GCA?
Maryam Rahmani, Global Partnership Officer, GCA: I am the Global Partnership Officer at Global Cyber Alliance (GCA). I am an electrical engineer by education and have been helping organizations for over two decades to address their challenges with a combination of technology, policy, and people.
After years of prosecuting cyber financial fraud crimes with no end in sight, the Manhattan District Attorney, Cyrus Vance Jr., knew that there had to be a better way to confront the cyber crime epidemic. Prosecution was a critical treatment modality, but prevention was the cure. After discussions with William Pelgrin, founder of the MS-ISAC and former President & CEO of the Center for Internet Security (CIS), the concept of what is now known as GCA was developed and is the product of input from many thought leaders which, from the beginning, demonstrated a commitment to a collective effort. The two then reached out to their partners in the fight against cybercrime, the City of London Police Commissioner and the Center for Internet Security (CIS), to understand what might be done. This resulted in a coalition to take on the uphill battle against cybercrime and a recognition that we need to come together as a global community to have a transformational impact on cyber security. With a bias towards action, the three organizations made their move. On September 16, 2015 the Global Cyber Alliance was formed to address systemic cyber risk through a proactive risk-based, solution-oriented approach to address and eradicate malicious cyber risks.
GCA is a global civil society organization with headquarters in New York City, London and Brussels. GCA’s mission is to take measurable action to eradicate cyber risk and make the Internet safer. We reduce cyber risk by developing and deploying practical, free, real-world solutions at scale that measurably improve our collective cybersecurity.
At GCA we leverage the strength and expertise of our global partner community of more than 240 organizations from 26 nations and 19 sectors to fulfill our mission. My job at GCA is to support our existing partners; create coalitions in support of our projects, both ongoing and upcoming; and expand our partnership and reach globally so that all like-minded organizations can be part of our noble pursuit of reducing cyber crime.
After graduate school, I became aware of GCA and found its mission compelling and wanted to do my part to ensure cybersecurity for all, including those that are below the cybersecurity poverty line. I felt the borderless nature of the Internet mandates an organization that brings all enterprises regardless of size, type, and nationality to work together in support of a collective mission of cybersecurity.
Active Cyber: What are some examples of solutions that GCA has built and endorsed? Why were these solutions built?
Rahmani: The first cyber-related risk GCA went after is phishing via spoofed domains. GCA recognized that Domain-Based Message Authentication, Reporting, and Conformance (DMARC) is an effective email authentication protocol for tackling a form of phishing known as direct domain spoofing. GCA discovered, however, that despite the tremendous benefits of DMARC, it was not being widely deployed in the public or private sectors. We wanted to make it easy and affordable for any organization or user to implement DMARC. GCA created the free, step-by-step DMARC Setup Guide, available in 18 languages, to help organizations of all sizes to implement DMARC. GCA also recently published a white paper in support of the measurement part of its mission and highlighted the ROI associated with the DMARC implementation, showing that the 1,046 domains that have successfully activated strong protection with GCA’s DMARC tools will save an estimated $19 million to $66 million from limiting business email compromise for the year of 2018 alone. GCA has been working at the government level to encourage adoption of DMARC. The UK government, US government and, most recently, the Dutch government have all adopted DMARC as part of government cybersecurity requirements to protect email.
At the same time, GCA took measures to leverage the Domain Name System (DNS) as a means to prevent phishing and other malicious activity. GCA created Quad9, a free, recursive, anycast DNS platform that provides end users with security and privacy. GCA partners were integral to the creation of the service. Today it is blocking connections to more than 2M malicious sites per day without compromising the user’s privacy.
Active Cyber: Who are some of your current users? How do you deliver the solution to users? Do you provide training or on-site / remote support? Do you maintain an in-house staff to manage changes, bugs, and updates to the solutions?
Rahmani: A wide variety of organizations are using GCA’s product for free. This includes government, business, education systems, and other non-profits. We keep a list of domains that have visited our DMARC Setup Guide and implemented DMARC at the various policies of None, Quarantine and Reject. In fact, more than 31,000 users from more than 180 countries have visited the GCA DMARC Setup Guide.
Quad9 has resolvers in 129 locations in 76 countries, deployed on all continents except Antarctica. Earlier this year, New York City adopted Quad9 to protect its guest and public WiFi as part of its NYC Secure program. GCA provides training via monthly webinars and provides remote support for individual cases. We do have a group of software developers that manage our software development lifecycle including changes, patches, updates, etc.
Active Cyber: What is in your current research agenda and solution pipeline?
Rahmani: GCA recognizes the importance of small businesses in the global economy and is working on the creation of a cybersecurity toolkit for small businesses. The goal is to provide practical guidance and hands-on tools that these constituents can implement to keep their enterprises more secure. GCA will be leveraging its global partner community to reach these stakeholders. Subsequent toolkits will be developed to assist other sectors as well.
Additionally, GCA is working with smart cities implementers, civil society organizations, governments and the vendor community to help keep the Internet of Things (IoT) devices more secure so that they can continue to seize the promise of technology to improve their constituents’ quality of life and defend against IoT-related vulnerabilities.
Active Cyber: A key tenet of GCA is measuring effectiveness of solutions that you build and make available to the worldwide community. How do you gather measurement data and what have the metrics shown to date for the key solutions that you offer? Do you offer your measurement data to other researchers?
Rahmani: You are correct, GCA’s tagline is: Do Something. Measure It.
We are able to measure deployment of our DMARC solution, as well as the scope and breadth of our Quad9 solution, which I highlighted a bit earlier. We also delivered on the measurement part of the mission again recently, when we hired a third-party researcher to study the ROI associated with DMARC implementation. The researchers used available data from FBI and GCA Partners to zero in on the effectiveness of DMARC in combatting a costly form of phishing known as Business Email Compromise (BEC). The findings were astonishing and validated the effectiveness of GCA’s DMARC Setup Guide and its evangelizing of worldwide DMARC adoption both by making the free tool available to the world but also by GCA’s policy outreach campaign to governments encouraging its adoption. DMARC is driving millions in cost savings and has resulted in a significant reduction in risk. The executive summary and full report can be found at www.globalcyberalliance.org.
Active Cyber: Since GCA’s solutions are free to anyone, what funding sources does GCA use to sustain its mission?
Rahmani: GCA’s seed funding was generously made possible by the Manhattan District Attorney who committed $25 million in criminal asset forfeiture proceeds to fund this critical work over a five-year period. The Center for Internet Security and City of London Police also made significant contributions in providing space, funding, staff, and assistance with building strategic partnerships.
We are looking beyond the five-year funding, and are looking to our partners, grants, foundations, and organizations that believe in our mission and would like to empower us to continue with our mission.
Active Cyber: What roles do partners play and how are partners added? Do they provide specific solution development or sustainment support?
Rahmani: GCA’s partners are an integral part of its operation. GCA conducts outreach to spread its mission within sectors and geographies. To join GCA is free and GCA is looking for organizations that are willing to contribute to its operation and mission by active participation and support.
Partners are encouraged to take one or more roles in support of GCA’s mission of taking measurable action to reduce cyber risk, including:
● Supporting GCA’s mission;
● Contributing subject matter or technical expertise;
● Making a substantive contribution to cyber risk eradication;
● Promoting GCA to a specific constituency, through leadership and communication;
● Participating in GCA projects;
● Adopting GCA solutions; and/or
● Contributing to GCA’s long-term sustainability.
Active Cyber: How can interested parties stay abreast of GCA offerings and get involved in their development?
Rahmani: We encourage all interested bodies to visit our website and get involved. Visitors should opt-in to receive information from GCA and stay abreast of our offerings.
Thank you, Maryam, for sharing information about the outstanding work and offerings by Global Cyber Alliance. It sure seems like GCA is getting some great traction worldwide to combat cyber attacks and fraud. I don’t know of many other organizations that are having such a profound impact on improving cybersecurity worldwide. I certainly hope to see renewed commitment and investment in GCA’s mission in the years to come. I recommend to my readers to find ways to participate in GCA’s work and check out the GCA website to find out how.
About Maryam Rahmani
Maryam Rahmani, CISSP, serves as the Global Partnership Officer of the Global Cyber Alliance. Ms. Rahmani has 25 years of experience in technology sales, consulting and cybersecurity policy to provide value to GCA’s existing partner network and grow its partnership sphere across the Americas, Europe, the Middle East, and Africa. Beyond her work with GCA, Ms. Rahmani serves as the Technical Co-Chair for the IEEE Women in Engineering (WIE) Forum East. She is an active member of the ISSA Women in Security (WIS) Security Interest Group (SIG) and previously served as a board member of the Society of High Performance Computing Professionals (SHPCP). She holds a Master of Science degree in Cybersecurity Policy from University of Maryland University College and a Bachelor of Science in Electrical Engineering from the University of Florida.