On the 11th Day of Christmas, the Industry Predicted…Better Security Collaboration

The final week before Christmas has arrived and now we are just a few days away from ripping into our presents, tucking into our turkeys and raising a glass as we toast the festive season, but just before we do we have the important task of bringing you our penultimate security prediction for 2017.

One common topic of discussion in the industry has always been a lack of collaboration across the security world, and as Scott Miles, senior director of cloud, enterprise and security portfolio marketing at Juniper Networks explained, “The security industry is slowly working towards collaboration between adversaries, but at the end of the day, collaboration remains nascent. Beyond sharing basic data, we still lack the interoperability necessary to address the next generation of threats.”

However, it appears 2017 could be the year that we see collaborative security start to come into fruition like never before.

“In 2017, threat intelligence sharing organizations will form among cloud service providers, which will improve identification of and reaction time to attacks,” Raj Samani, CTO EMEA, Intel Security, told Infosecurity. “While some businesses and cloud service providers do not perceive the benefits of threat intelligence sharing today, this will shift within the next few years. Whether driven by legislation or the aggressiveness of attacks, we will see much more threat intelligence sharing among businesses and cloud providers – and the benefits will quickly become clear.”

Although it may sometimes be embarrassing, he continued, organizations will realize that the benefits of sharing intelligence in real time about failed and successful attacks easily outweigh any disadvantages.

“Crowdsourced threat intelligence and collaborative analytics help form a more comprehensive picture of what is happening in the attack landscape. Threat intelligence sharing will make significant strides in 2017.”

This is an opinion shared by David Mount, director, security solutions consulting EMEA at Micro Focus, who argued that businesses should be collaborating more around the early indicators of compromise in order to understand the known mitigation path.

“While attacks can be targeted to specific organizations, finding an indicator of compromise is always the first step. Criminal gangs are trying to industrialize the process, so they’re looking for certain types of systems and searching for places to replicate a specific attack. This means the same tactics can be repeated hundreds of times.”

As a result, added Samani, the information security industry will need to continue working together and collaborating with law enforcement agencies to target these criminals. Further collaboration – and cyber threat intelligence (CTI) sharing – will be necessary as the cyber threat landscape evolves.

“To gain the upper hand in cybersecurity, businesses must reject conventional defense paradigms in favor of radical new thinking. One key step is working to be collaborative instead of hoarding information and learning to prioritize cyber defense. On a large scale, this makes life harder for cyber-criminals – and ensures data remains more secure.”

“Working together cannot be under estimated,” said Brian Honan, owner and CEO of BH Consulting, who pointed to the arrests of the two suspects behind the DD4BC DDoS extortion group and the sharing of Ransomware encryption keys through the No More Ransom initiative as just two examples of how victims, industry, and law enforcement have all worked together to tackle cyber threats.

“The line ‘I am a Rock, I am an Island’, from the Simon and Garfunkel song ‘I am a Rock’, is not feasible in today’s interconnected business environments. With the growth in the various technologies we use to better conduct businesses and to interact with our customers, the company that behaves like an island will become isolated and easy prey for criminals. In the past we have seen attacks by criminals being more successful than they should simply because companies did not admit they were victims or share details of the attack. Thankfully this trait is slowly changing and hopefully will accelerate in the future.”

>> On the First Day of Christmas, the Industry Predicted...More Ransomware

>> On the Second Day of Christmas, the Industry Predicted…Poor Routine IT Practices

>> On the Third Day of Christmas, the Industry Predicted…More Political Disruption

>> On the Fourth Day of Christmas, the Industry Predicted…CIOs to Reclaim Ownership of Data Initiatives

>> On the Fifth Day of Christmas, the Industry Predicted…More Social Media Attacks

>> On the Seventh Day of Christmas, the Industry Predicted…More Mention of AI

>> On the Eighth Day of Christmas, the Industry Predicted…Attackers Making Money

>> On the Ninth Day of Christmas, the Industry Predicted…GDPR Compliance

>> On the Tenth Day of Christmas, the Industry Predicted…Cloud Vendor Compromise

>>On the 12th Day of Christmas, the Industry Predicted…a Skills Gap Challenge

What’s Hot on Infosecurity Magazine?