There are few similarities that can be drawn between cybersecurity and industries currently capitalizing on the sharing economy. Sharing a ride to the airport or staying in someone else's apartment for a week is a far cry from fighting cyber threats, but as the world becomes more and more comfortable with the idea of the sharing economy, there are a number of ways this mindset could make enterprises present a stronger, more united front against cyber-criminals.
Before diving deeper into why the sharing economy makes sense for cybersecurity, let’s first discuss the current state of cybersecurity. Security professionals are operating in an environment in which the standard is that security measures simply need to be better than the next organization, ensuring there are softer targets elsewhere for hackers to achieve desired outcomes.
“Better them than us,” is the basic concept. The idea that a company’s security posture is “good enough,” or “the best we can do with the resources we have,” is not only acceptable, but considered the norm.
How did we get here? The simple answer is that the threat landscape evolved faster than the security tools to stop them. The result is that companies have been stuck playing catch-up, being reactive instead of proactive, and deploying patch after patch to already crowded and complicated security stacks. Over time, these practices have taken a toll on organizations both from a technology and human perspective.
The overall challenge is that security teams are now stuck in a vicious cycle of having too many point solutions creating niche security data, but not enough advanced tools or skilled staff to properly identify, connect and address each threat. The root technology problem when it comes to most security operations solutions is that they are process-based, built to be react to incidents rather than address the threat landscape directly.
The human challenge is that security professionals are so busy responding to existing threats, they don’t have the chance to use or grow the more sophisticated skills that would allow them to be proactive before the next threat hits. Additionally, security teams don’t have the resources to address ALL incidents and struggle to determine which ones pose the biggest threat.
Sharing security data is not a new idea and in some ways and on a small scale - but usually through the filter of a vendor or via an information sharing and analysis center (ISAC). For example, when a threat report based on a large sample of data is released, many organizations can benefit from those findings.
However, due to the current cybersecurity standard of just being more secure than the next guy, there has been a resistance to creating a cybersecurity sharing economy on a broad scale, accessible in real time - having direct access to threat intelligence from a large pool of similar organizations. Here’s why more companies should consider joining the cybersecurity sharing economy:
Data is the answer, not the enemy. Some security professionals complain of suffering from alert fatigue and being bombarded with too much data. So, the idea of sharing data and having access to even more data might get some eye rolls. However, the data is not the problem. In the words of Sir Francis Bacon, “knowledge is power,” and this is certainly true when fighting a highly sophisticated enemy. It’s how the data is used that needs work.
Emphasize intelligence over static processes. What if, instead of responding to alerts that only tell a piece of the story, the data could speak for itself because it’s learned from other organizations and been made actionable? Today, incident response typically requires security professionals to manually put the pieces together to fully understand the threat. In a sharing economy, analysts could have a bird's eye view of incident data, and then use their advanced skillset to base proactive decisions on what the data tells them.
We need to raise our collective cybersecurity standards. Good enough is not good enough anymore. The longer organizations compete against each other, the more hackers will keep winning. When organizations share data, and collectively fight against a threat, hackers lose.
Would you consider joining the cybersecurity sharing economy?