I am often asked why I am so certain that collaborating on security is such a necessity for organizations today, when the countless systems and complex security tools used to detect and protect are doing an OK job most of the time. My simplistic answer is that the good guys need to collaborate in order to beat the bad guys at their own game…. And last week’s exposure of China Vs. Federal employees is yet another case in point.
Recent breaches such as the IRS and federal government employee record hacks (i.e OPM), demonstrate how cyber offensive has become a mainstream tool in the hands of states and crime organizations to fulfil strategic objectives.
What’s more, government security policy in response to these hacks is creating a perfect storm, one which, we, as custodians of enterprise security, need to weather.
To date, the weapons of choice used to guard individual fortresses, such as endpoint security, network, perimeter security and monitoring/alerting platforms have been the tools of choice.
The sophistication levels of both cyber threats and enterprise expanded networks are increasing. As our network opens up to include external clouds and employees bringing in their own devices, the threat vectors also expand. It’s no surprise that we need to up our game in terms of how we monitor, alert and respond to threats. This involves a more coordinated and intelligent approach to enterprise security, one where we build on what we already have and make the whole greater than the sum of its parts. In other words we use our information and data in a collaborative and shared environment in order to foster accumulative synergy (which translates into power)among the ‘good-guys’.
Collaborating on Security Intelligence is a Natural Extension of Traditional Security Tools
Security is at a crossroads; collaborating on enterprise security is the way forward in defense and protection without compromising normal working.
We all recognize the importance of collaboration for increasing production, innovation and ultimately output by sharing data and knowledge. This is no less true when we enter the security arena. As we’ve seen, the recent attacks on the IRS and the Federal Government’s Office of Personnel Management have seen hackers conducting attacks in aggressive ways, leveraging previous success and relying on the lack of efficient knowledge transfer between the breached entities.
Traditional security tools are failing and CISOs have little choice other than to tackle enterprise security in a different way. By sharing security information, they will be better equipped to defend themselves and their wider community from security breaches. But this needs to be done in an environment of security, control and trust .Collaborative Enterprise Security enables organizations to create a holistic and inclusive eco-system across multiple associated enterprise sections or organizations, i.e. it supports both internal and external sharing of data within a secure context.
This framework builds an infrastructure for a secure working environment. It is built around shared intelligence, security monitoring, notifications and actionable items, allowing actionability by relevancy and, above all, maintaining compliance, regulation and data ownership.
Collaborating on security intelligence is a natural extension of traditional security tools. The information delivered by these tools is essential in making decisions around protection and security, but it is nearly always disjointed and can therefore be misapplied, overlooked and ineffective. The trick is to identify malicious activity and attack vectors and use that information, not just within a local context, but also across shared communities of internal and associated external organizations in order to better analyze and build contextual knowledge. This powerful method of security event identification and management is the new model for security.
The Future of Security and Data Protection: Beating the Hackers at their Own Game
It is safe to assume that while you are reading this post more agencies and private sector entities are being compromised using similar offensive assets and attack vectors used for the OPM breach. Collaboration is clearly a means to disseminate breach information more quickly and thereby limit the exposure.
Keeping data transactions flowing needs to be the main objective. Making that data secure, whilst in movement, is becoming an increasingly complex process – mainly in a global yet multi-jurisdictional environment. Without a new way of dealing with cyber threats, we will end up closing down that flow, and technology will become our Achilles heel, rather than an enabler. Embracing this new way of security thinking by taking the Comilion Collaborative Enterprise Security route makes for a smart security toolset. It is this change in thinking about security, building smarter security systems, synchronizing and enhancing intelligence and then ultimately sharing the output, that will meet the requirements of effective defense in this new era of cyber security threats.
Latest posts by Kobi Freedman (see all)
- Data Sharing Technology Revolutionizes Healthcare - March 14, 2016
- Data Sharing Gets a Ride: How Popular Ride-Sharing Apps Influence Policy On Sharing - March 1, 2016
- Data Ownership Questions Answered by Decentralized P2P Platforms - February 18, 2016