Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 29 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

United we stand: fighting data theft with intelligence sharing

by The Gurus
March 23, 2017
in This Week's Gurus
Share on FacebookShare on Twitter

Undoubtedly, today’s borderless networks pose security challenges and provide hackers with greater scope to cause chaos. A data breach in one organisation’s network can provide hackers with an avenue into another, and initiate a chain-reaction of breaches compromising the confidential data of numerous organisations.
Though data sharing is actively encouraged, there has not been a big push  to ensure that organisations are sharing threat intelligence with their partners and peers. Instead, it has been too easy to dismiss the importance of ensuring that organisations are collaborating on security.
Share and share alike
Since the political, reputational, and financial consequences of admitting to a breach can be severe, it is no surprise that most organisations choose to remain quiet about the threats they encounter. Informal information sharing is already taking place to an extent behind closed doors, with partners exchanging data through ad-hoc email or personal discussion. However, confidential, peer-to-peer networks shrink the pool of insight and make it almost impossible to coordinate large-scale, industry-wide responses.
What’s more, data classification legislation including the upcoming European General Data Protection Regulation (GDPR), means that many sectors are restricted in what information can be shared. As a result, many collaborations are only of limited use. This leads to poor response times, general unpreparedness and a lack of coordination once a threat has been detected.
Fortunately, attitudes are changing. Cybersecurity is losing its reputation as something that must be hidden at all costs. Crowdsourcing information has seen considerable success in both healthcare and law enforcement, and there is no reason why these advances cannot be repeated in cybersecurity. As a result, information sharing within collaborative groups of trusted peers is set to be a game-changer in tackling and enabling defences against industry-specific threats.
Crowdsourcing and community construction: the potential of peer-review
Already, a growing number of organisations are collaborating across industries and competitive divides to share valuable insights that can protect their shared industries. For example, in 2013, the UK Government established the Defence Cyber Protection Partnership (DCPP), with the aim of boosting cybersecurity collaboration between the private and public sectors. It is a combined  effort between the Ministry of Defence, the Department of Culture, Media and Sport, trade associations and the TechUK organisation. It enables officials to coordinate the nation’s response to emerging threats. The same information is available to participants in defence, commerce, innovation, and the civil service, boosting the chances of a successful threat response.
Information Sharing and Analysis Centres (ISACs), Information Sharing and Analysis Organisations (ISAOs) and communities of cybersecurity analysts work in a similar way, built on trust and the common desire for large-scale collaboration. Members agree on the rules and principles that govern community participation, including the level of anonymity and what data should be shared at what time. Collective goals and values as well as clear, agreed-upon boundaries encourage initial sharing. Trust grows, working relationships expand, and collaboration eventually occurs organically.
Participating in ISACs, ISAOs, and other collectives enables a distributed defensive intelligence network that quickly identifies and disrupts attacks across that network. Intelligence sharing helps organisations identify additional indicators, capabilities, and tactics that adversaries may employ against them.
Work together, thrive together
Any time you can force the adversary to step away from the battle, lick their wounds, and ultimately abandon operations against your organisation because it’s no longer worth it, is a success. If done successfully over time, information sharing and research supports an organisation’s day-to-day defences while also potentially approaching a tipping point with respect to the adversary’s perceived risk.
Sharing intelligence with like-minded organisations and communities that seek to understand the same adversaries is an essential way to enrich companies’ understanding of common threats, and turn that into actionable insights that counter the adversary in question. Denying the adversary any degree of success and punishing them for each intrusion attempt, through information sharing and exposure, presents the adversary with a cost/benefit decision point.
Strength in numbers
Every day, more organisations are collaborating in the fight against cybercrime. Regardless of sector or cybersecurity maturity, businesses are seeing the benefits of having their security specialists working and communicating with each other. For example, recent partnerships between GCHQ and Wayra UK and competing banks Santander, Deutsche and Barclays point towards a larger trend of public-private and cross-competitor cooperation.
Forward-thinking organisations recognise that unifying people, technology, resources and intelligence are the foundations for future cybersecurity. Ultimately, it only takes one weak link to break the chain during an attack and allow an adversary to breach all parties. However, collaborating organisations can piece together a more comprehensive profile of a given threat and gain a better understanding of enemy tactics without significant added time. Community collaboration notably reduces the costs involved in understanding an evolving threat landscape. It helps participants gain insights that may not have been otherwise available to them, leading to faster and more targeted threat response.
By Adam Vincent, CEO at ThreatConnect

FacebookTweetLinkedIn
Tags: CyberdataprivacysecurityTechnology
ShareTweetShare
Previous Post

How will Blockchain make the payments industry more secure?

Next Post

Majority of UK Biz Lacks DNS Insight, Leading to DDoS and More

Recent News

Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023
Threat actors launch one malicious attack every minute

Threat actors launch one malicious attack every minute

January 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information