Collaborate with the state: changing attitudes to information sharing in security
Sharing data to stop today's advanced threats
It’s easy to snap a stick that’s the thickness of your finger. It’s next to impossible to break a bundle of similar-sized sticks.
In Ancient Rome, a bundle of wooden rods known as fasces came to symbolise the power of the state and the law. The simple visual message was clear: we’re stronger when we face our enemies together.
This is a lesson for the ages, but it’s particularly pertinent at a time when our society is coming under sophisticated, pernicious digital attacks from a range of foes. Organised crime, cyber terrorists, Internet vigilantes and state actors are all probing our defences for weaknesses, targeting and often defeating public and private sector organisations one at a time: Snap! Snap! Snap!
In the last few years, we have belatedly realised that we need a more coordinated, collaborative approach to our collective digital security. Unfortunately, it has taken a series of devastating cyberattacks such as WannaCry, NotPetya and Heartbleed to get us to this stage.
Yet there is good reason to be cautiously optimistic – not least because the private and public sectors are beginning to work together to combat cyber threats.
Sharing threat intelligence
In September ThreatConnect unveiled new research conducted among 350 senior cybersecurity decision makers, which found that two in five are sharing a range of data – on malware, ransomware or general cyber threats – with government groups or NGOs. Four in five agree that a better relationship with government groups would foster a better environment for exchanging threat data.
This might seem an obvious enough point, but it marks a significant shift in business thinking. Traditionally, businesses have been very suspicious about sharing any corporate data with outside organisations – let alone information about security breaches. No-one wants to wash their dirty linen in public.
But there is a growing awareness that a common approach founded on sharing threat intelligence is the only way that we can begin to think about defeating the rapidly-evolving weapons deployed by those who would do us harm. 70 per cent of respondents said that coordinating data sharing with governments is one of their main priorities, and that the data they receive from government helps make them more secure.
But we have to admit that data sharing between the public and private sectors is still in its infancy. Among respondents with industry-leading threat intelligence programmes, three quarters (75 per cent) still say coordinating their data sharing with government agencies is a priority. Over a third also agreed that government can do many things to improve the way threat data is shared: creating and distributing defensive tools and techniques, providing regular briefings for cybersecurity employees about recent trends, and creating industry-specific groups to combat nation-state attackers.
Changing corporate culture
Rome wasn’t built in a day; it will take time to change the fiercely data-protective corporate culture to one that is more willing to share sensitive data. Here again, our research provides some encouraging insights. 70 per cent of organisations with mature threat intelligence programmes say they have blocked threats to the business that would have cost them an average of $7.8m (£6m) each in the past year.
To be truly successful in the fight against tomorrow’s threats, we have to change the perception of IT security as an entirely private concern. This piecemeal approach has failed us in the past, and cybercriminals have found it remarkably easy to pick off organisations one by one. It’s time to stand together, and to find our strength in unity.
Adam Vincent, CEO of ThreatConnect
Adam is an information security expert and is currently the CEO and a founder at ThreatConnect, Inc. He possesses over a decade of experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect, the first-of-its-kind threat intelligence platform. He has more than 16 years of working experience.