Collaboration is critical in unlocking global cyber resilience 

Nicole Mills at Infosecurity Group argues for greater collaboration across the cyber security industry

 

The early part of this decade has been described by the European Union Agency for Cyber-security (ENISA) as the “golden era of ransomware”. Why? Put simply, there has been a 150% rise in ransomware attacks between April 2020 and July 2021.

 

The dates in question suggest that this spike is – at least in part – a result of the COVID-19 pandemic. And there is some truth in that.

 

The rapid digitalisation that global lockdowns helped accelerate has thrust the world into a new age of cyber threats. From evolving exposures and wider attack surfaces, to the possibility of one company’s breach leading to a cascading effect impacting many others, the opportunities for cyber criminals are abundant and, inversely, the challenges for security professionals overwhelming.

 

Critically, we’re not talking about a lost cause. From technologies to training, companies can invest in bolstering their defences in a variety of different ways and take a more proactive stance in dealing with modern day cyber attacks. Yet in terms of the big picture, there is more to be done.

 

I’m talking specifically about the need for greater collaboration.

 

We know that scientists debate things for a reason. They want their peers in the same field of study to review their methods and challenge their results because it carries a useful and necessary purpose in advancing scientific knowledge.

 

This shouldn’t be any different in cyber-security. By combining expertise and resources, we can answer greater and more complex questions.

 

Infosec industry demands increased collaboration

According to a January 2022 Twitter Poll conducted by Infosecurity Europe, advanced threat detection is the cyber-security challenge that would benefit most from increased industry collaboration. This is according to 45% of respondents, followed by social engineering threats (22%), incident response planning (18%), and governance, risk and compliance (15%).

 

Equally, the same survey showed that almost a third (31%) feel that the general public and consumers have most to gain from a greater sharing of ideas, resources and intelligence, followed by businesses (28%), their customers or end users (20%), and government and trade bodies (21%).

 

These statistics demonstrate a clear acceptance that greater collaboration within cyber-security will bring major advantages for society as a whole, not only the organisations involved. However, there are several hurdles currently getting in the way.  

 

A lack of cooperation was cited by almost a third (32%) of respondents as the main barrier to collaboration, followed by insufficient support from leadership teams (25%), lack of visibility (25%), and the inability to share information in real time (18%).

 

This needs to change. It’s vital that we take action as an industry to overcome anything that might be stifling open discussions; for example, a lack of opportunities to work together, or concerns over confidentiality.

 

We must work together to build an environment of trust and transparency where we can exchange knowledge, resources and ideas to combat security threats while protecting commercial sensitivities. By doing so, we’ll improve detection and response capability, enhance visibility, and avoid reinventing the wheel.

 

The role of events in cyber-security

As Exhibition Director of Infosecurity Group, I’m a staunch believer in the need for greater knowledge sharing in our industry.

 

It is something we are all too often lacking. Given the volume and complexity of the threats we face today, we need to encourage and enable industry members – be it businesses, individuals, government bodies or regulators – to come together and discuss issues and challenges as well as sharing experiences, information and solutions. 

 

I’ve been lucky enough to be in a position to gauge the thoughts of some of our industries brightest minds – and they largely agree.

 

Nitin Natarajan, Deputy Director, CISA (Cyber-security and Infrastructure Security Agency), for example, views collaboration as a force multiplier, holding the viewpoint that many collective benefits can be found in collective defence.

 

Meanwhile, Keith Martin, Professor of Information Security at Royal Holloway at the University of London, states that while organisations may be reluctant to discuss things from a competitive standpoint, security is an area where everyone benefits from collaboration.

 

I’m lucky enough to be speaking alongside Nitin and Keith at a key cyber-security industry event later this year, and events undoubtedly remain vital platforms from which key issues can be addressed at scale. However, they are just one piece of a much larger picture when it comes to considering the ways in which we can improve industry-wide collaboration.

 

Cyber-security is a fast-evolving sector where there will always be more opportunities to learn. Therefore, expanding collective knowledge will undoubtedly be vital in ensuring that we, as a unified industry, can begin to tackle the escalating cyber crime pandemic.

 

---

 

Nicole Mills is Exhibition Director at Infosecurity Group

Main image courtesy of iStockPhoto.com