Lisa Ventura on cybersecurity collaboration
Cybersecurity has never been more important and in a post-pandemic world, it is more important than ever. According to a recent report from Kaspersky, the number of Trojan-PSW (Password Stealing Ware) detections increased by almost a quarter worldwide – 4,003,323 in 2022 compared to 3,029,903 in 2021.
Additionally, Internet attacks have also increased from 32,500,000 worldwide in 2021 to almost 35,400,000 in 2022. With cybercrime still on the massive rise, organizations of all sizes can no longer take a head-in-the-sand approach. when it comes to cybersecurity and saying it’s not something they need to worry about or worry about.
Many cybersecurity players have a great track record of collaborating, but the industry remains fragmented and suffers from silos that can leave organizations vulnerable. These silos often arise due to an outdated business structure based on silos. This in turn can make an organization vulnerable to data loss and business continuity interruptions.
Many organizations are doing great work globally to help combat the growing cyber threat, but they remain largely isolated. As a result, the industry often ignores this great work. Greater collaboration with cybersecurity associations and entities is key to being stronger together as an industry in the fight against cybercrime, but how do you get there?
Why is collaboration so powerful in cybersecurity?
Collaborating with associations and other key cybersecurity players globally can reduce the time between the discovery of new threats and the implementation of protection, allowing organizations to monitor the threat landscape by constant evolution. Accelerating the delivery of threat intelligence is crucial to building a strong cybersecurity program, and vendors should strive to make it as easy as possible to break down silos between different security disciplines.
Various associations, councils, and other groups within cybersecurity have been founded globally, but they tend to work alone and strive to “keep out” any perceived outsiders. This is usually due to a competitive threat, and sometimes it is entirely justified for organizations to keep their distance from others. But if these important bodies joined forces and worked together to help combat the growing cyber threat, it could help combat it.
Barriers to successful cybersecurity collaboration
Historically, there have been many barriers to sharing threat intelligence, which can make collaboration difficult to implement at scale. For example, associations may work on projects they deem strictly confidential, or they may include sensitive information from a national security perspective. Vendors may use data formats or APIs that require plugins or proprietary tools in commercial products for translation.
Cybersecurity often has the misperception that it’s all about a lonely person sitting in a dark room wearing a ‘bad guy’ hoody, and in terms of breaking down silos, that image isn’t very appealing to those who looking for a career focused on people and being part of a strong team.
The industry also needs to start talking about cybersecurity as going beyond the default “ransomware” and “attackers” it often relies on. Therefore, the industry needs to change its siled perception. While these barriers are of course a legitimate concern, there are many ways to overcome them to enable greater collaboration.
Collaborate across borders to combat the growing cyber threat
Many non-profit organizations have already been created with the aim of making cybercrime more difficult and less lucrative, and they already work well together globally. One example is the Cyber Threat Alliance, which is taking threat intelligence sharing to the next level in hopes it will lead to better protection of the public from cyber attacks. This non-profit organization encourages greater collaboration among cybersecurity organizations by enabling the sharing of high-quality, near real-time cyber threat information among its members and with the world.
In the UK, associations and organizations such as the Cyber Security Alliance and the National Cyber Security Center are working together to foster greater collaboration, but the newly created entity Cyber Security Unity aims to push take it to the next level by joining and collaborating with professional associations. globally. Cyber Security Unity’s philosophy is that partnerships are stronger together when it comes to fighting the growing cyber threat.
The role of governments in working with associations
Governments must play a major role in achieving greater collaboration, but industry associations, all of which operate in and fully appreciate the increasingly dangerous cyber threat landscape, must take the lead for real progress towards greater collaboration begins. The digital world has no borders and the attacks that occur have a huge global impact. Associations may have a responsibility to educate governments about the seriousness of the problem of cyber threats and the potentially catastrophic impact they can have.
Once governments work more closely with industry and treat cyber threats with the seriousness they deserve, they can develop the global infrastructure needed to foster collaboration. For example, the development of an international communication system, allowing the rapid transmission of intelligence between governments and organizations, in the same way that there are tsunami and terrorism warnings. The cyber industry must be at the forefront of such an approach and communication is key to global collaboration, but caution must be exercised as there must be a strategy in place. To communicate effectively between different countries and organizations, associations must work together to build it together.
If cybersecurity associations come together to work collaboratively, it will help establish a more robust, effective and strategic framework for cybersecurity. By making a conscious effort to improve information sharing globally, as well as through governments and law enforcement agencies, the world will benefit from obtaining intelligence and information that will help strengthen defenses against cybercrime. And that can only be a good thing.
Lisa is a Security Serious Unsung Heroes Awards finalist in the Security Leader/Mentor category. The awards, sponsored by Beazley, KnowBe4, KPMG, Qualys and The Zensory and organized by Eskenzi PR, aim to celebrate the people, not the products of the cybersecurity industry.