Cyber security has never been so important and in a post-pandemic world it is more important than ever. According to a recent report by Kaspersky, the number of the number of Trojan-PSW (Password Stealing Ware) detections increased by almost a quarter globally – 4,003,323 in 2022 compared to 3,029,903 in 2021.
In addition, internet attacks also grew from 32,500,00 globally in 2021 to almost 35,400,000 in 2022. With cybercrime still massively on the rise, organisations of all sizes can no longer adopt a head in the sand approach when it comes to cyber security and say that it isn’t something they need to bother with or worry about.
Many in cyber security have an excellent record of collaborating, but the industry remains fragmented and suffers from silos which can leave organisations vulnerable. These silos often arise because of an outdated, silo-based corporate structure. This in turn can leave an organisation vulnerable to data loss and disruptions to business continuity.
There are many organisations who are doing great work globally to help combat the growing cyber threat, but they largely remain isolated. As a result, the industry is often unaware of this great work. Greater collaboration with associations and entities in cyber security is the key to being stronger together as an industry when it comes to combatting cybercrime, but how can this be achieved?
Why is collaboration so powerful in cyber security?
Collaboration with associations and other key stakeholders in cyber security globally can reduce the time between the discovery of new threats and protection implementation, which in turn allows organisations to keep up with the ever-evolving threat landscape. Speeding up the delivery of threat intelligence is crucial for building a strong cyber security programme, and vendors should work on making it as easy as possible to break down the silos between different security disciplines.
Various associations, councils and other groups within cyber security have been founded globally, but they tend to work alone and work to “keep out” any perceived outsiders. Usually this is because of a competitive threat, and sometimes this is entirely justified for organisations to keep their distance from others. But if these important bodies joined forces and worked together to help combat the growing cyber threat this might go some way to help combatting it.
Barriers to successful collaboration in cyber security
Historically there have been many barriers to sharing threat intelligence, which can make collaboration difficult to implement at scale. For example, associations may be working on projects that they deem as strictly confidential, or they may include sensitive information from a national security perspective. Vendors might use data formats or APIs that require plug-ins or proprietary tools in commercial products for translation.
Cyber security often has a misguided perception that it is solely focused on a lone person sitting in a darkened room wearing a hoodie responding to the “bad guys”, and in terms of breaking down silos this image is not very appealing to those who are searching for a career that is focused on people and being part of a strong team.
The industry also needs to start talking about cyber security being beyond the default “ransomware” and “attackers” it often defers to. Therefore, the industry must change its siloed perception. While these barriers are of course a legitimate concern, there are many ways they can be overcome to enable greater collaboration.
Collaborating beyond borders to help combat the growing cyber threat
Many non-profit organisations have already been established which aim to make cybercrime more difficult and less lucrative, and they already collaborate well together on a global scale. Examples include the Cyber Threat Alliance, which takes threat information sharing to a new level in the hope that it will lead to greater protection for the public against cyber-attacks. This not-for-profit organisation encourages greater collaboration between cyber security organisations by enabling near real-time high quality cyber threat information sharing amongst its members and with the world.
In the UK associations and organisations such as the Cyber Security Alliance and the National Cyber Security Centre work together to foster greater collaboration, but the newly created entity Cyber Security Unity aims to take this to the next level by joining up with and collaborating with trade associations globally. The ethos of Cyber Security Unity is that associations are stronger together when it comes to combatting the growing cyber threat.
The role of governments in collaborating with associations
Governments need to play a major role in achieving greater collaboration, but the industry associations, who all operate in and fully appreciate the increasingly dangerous cyber-threat landscape, must take the initiative for real progress on greater collaboration to begin. The digital world is borderless, and attacks coming through are having a huge global impact. It may fall to the associations to educate governments on just how serious the cyber-threat problem is and of the potentially catastrophic impact they may have.
Once governments are working more closely with industry and treating cyber-threats with the seriousness they deserve, they can develop the necessary global infrastructure to foster collaboration. For example, the development of an international communication system, enabling intelligence to be rapidly passed between governments and organizations, in the same way as there are tsunami and terror warnings. The cyber industry must be at the forefront of such an approach and communication is key to global collaboration, but caution should be exercised as there has to be a strategy in place. To communicate effectively between different countries and organizations, associations need to join hands with everyone to build it together.
If associations in cyber security join up to work in a collaborative fashion, this will help to establish a more sound, successful, and strategic framework for cyber security. By making a conscious effort to improve information sharing globally, as well as through government and law enforcement agencies – the world will benefit from gaining intelligence and insights that will help strengthen defences against cybercrime. And that can only be a good thing.
Lisa is a Security Serious Unsung Heroes Awards finalist in the Security Leader / Mentor category. The awards, sponsored by Beazley, KnowBe4, KPMG, Qualys and The Zensory and organised by Eskenzi PR, aim to celebrate the people, not products in the cybersecurity industry.