The CyberGreen initiative is a global non-profit and collaborative organization conducting activities focused on helping to improve the health of the global Cyber Ecosystem.

CyberGreen will achieve this by providing reliable metrics, measurements, and mitigation best practices to Cyber Security Incident Response Teams (CSIRTs), network operators, and policy makers.

These efforts will facilitate operational cleanup of systems, and will ensure that policy development and capacity building have the insight to focus on reducing systemic risk conditions.

Our Approach to Measurement and Mitigation of Systemic Risks

Two primary challenges must be overcome:

  1. Focusing on Symptoms, not Cause: Traditional approaches to cybersecurity have crucial limitations based on a reactive approach to addressing threats or incidents. Reactive approaches do not improve underlying conditions and reduce risk at a systemic level. Such approaches are analogous to treating malaria through providing medicine while leaving the nearby mosquito-ridden swamp untouched.
  2. Establishing Statistical Rigor: Existing cybersecurity metrics, specifically for risk conditions, have long suffered from a lack of statistical rigor. Challenges stem from many sources, including issues in collection, the inability to cross compare data, and a failure to apply normalization techniques. The absence of statistically meaningful cybersecurity metrics prevents the ability to compare infection rates within organizations and regions, efficacy of efforts over time, and blocks an effective evaluation of cybersecurity investments.

A sustainable approach to measuring cyber health and providing data is needed to improve the underlying conditions in the cyber ecosystem. CyberGreen seeks to provide the global collaborative hub that overcomes these challenges.

Access to CyberGreen’s Stats Platform and Mitigation Materials

Members and stakeholders have access to CyberGreen’s statistics platform, featuring metrics and visualizations of data, allowing for measurement of key indicators of malicious activity and risk conditions. This provides analytical insight about patterns, priorities, and trends for action by the CERT/CSIRT community and others. CyberGreen has also developed mitigation best practice training materials for four risk indicators (Open Recursive DNS, Open NTP, Open SSDP, and Open SNMP). A key subset of this effort includes CERT capacity building and information sharing workshops to encourage further integration.


Expected outcomes in 2017 and beyond

  • Adding additional risk indicators and data sources
  • Publishing quarterly reports on cyber ecosystem health
  • Managing a sustainable advocacy campaign
  • Producing additional training materials addressing other systemic risks for remediation
  • Establishing a network of training partners for capacity building in developing nations
  • Improving quality of data through implementation of CyberGreen Internet scans.

Participating members & partners