Cyber Security Sharing & Analytics (CSSA)

CSSA was founded in November 2014 by seven major German companies as an alliance for jointly facing cyber security challenges in a proactive, fast and effective manner. Contrary to cyber attackers who obviously have an incentive to collaborate, commercial enterprises originally have had little interest in sharing information on attacks and damages with others. This information asymmetry needed to be overcome.

CSSA creates a secure space for a coordinated, efficient and confidential information exchange allowing organizations to benefit from the knowledge of their peers, mutually support and learn from each other. CSSA focuses on sharing and analyzing cyber threat intelligence in a collaborative approach. Objectives are to better detect and understand threats and enhance response actions.


Members and Organization

CSSA is open for European enterprises with appropriate internal cyber security resources who are willing and capable to actively support CSSA and to share security-related incidents and information with peers. This demands a strong commitment of all members and a very high degree of confidentiality. The association has not set itself growth objectives but is above all targeting at qualitative advancement.

The founding members of the association include Allianz, BASF, Deutsche Bank, Deutsche Telekom and others. Currently, CSSA has 16 member companies. All members contribute the same membership fee and have the same rights.

The CSSA is a non-profit initiative and a registered association. You can find the statutes here.


General Assembly

Two members per member company

Board of Management

elected by general assembly:
Dr. Ralf Schneider (Chair)
Daniel Eitler
Ralf Garrecht
Dr. Silke Lechtenberg

Managing Director:

Samuel Blaas



Exchange in CSSA works on three levels:

  • the confidential expert exchange on incidents, threats and vulnerabilities at member companies
  • the technical exchange of Threat Intelligence via the CSSA sharing platform
  • the CSSA Situation Report for the CISOs and IT Security teams at member companies

An important prerequisite for the efficient collaboration within CSSA is a secure, technical exchange platform to share indicators, observables and analyses among members. CSSA currently uses MISP as the main sharing interface and tool.

A key success factor for CSSA is the trusted exchange and dialogue among its members. Currently, approximately 200 experts from member companies are connected within the association.

Several working groups ensure the operational implementation of CSSA’s objectives. All participants work on the basis of personal confidentiality agreements including a CSSA-specific adaptation of the Traffic Light Protocol (see



  • Managed and secure space for confidential exchange backed by strong statutes
  • Close and trustworthy network through limited number of selected member companies
  • High commitment of company representatives
  • Hands-on collaboration through active cooperation of experts
  • Development of capabilities through exchanging and benchmarking with peers
  • Sustainable support from central and shared CSSA resources
Pariser Platz


In case of questions regarding CSSA please do not hesitate to contact us: