In the early stages of the pandemic, the sudden shift to remote work triggered a flood of cybersecurity threats. Of the nearly 200 organizations surveyed in NextCT’s upcoming State of Cybersecurity Report 2020, the majority (70%) report challenges maintaining endpoint security. Phishing scams spiked; 73% of organizations cite them as their top security threat. Insider threats increased as well, and employers are looking for more adaptive security measures to safeguard remote workers.
Under normal circumstances, organizations would take time conducting such a massive transition to ensure critical operations remain secure. But a pandemic is not normal circumstances. Businesses have had to act fast, and cybersecurity teams have had to catch up.
Information sharing can reduce this lag time. By sharing information more freely, organizations can help each other address sudden shifts in working models and evolving cybersecurity demands to increase the overall resiliency of their operations.
Building trust in information sharing
For most organizations, understanding and assessing cyber risks is the top cyber resilience measure, and a majority claim they are confident in their ability to assess risks (59%, according to NextCT’s State of Cybersecurity Report). Both government and corporate leaders are deeply engaged in promoting effective cybersecurity strategies, and global spending on security continues to rise – yet there was an almost 400% increase in cyber-attacks between January and April of 2020.
Organizations definitely see the value in understanding new cyber threats and digital priorities, but they aren’t successfully accessing or using information about these topics. If sharing information can help, why aren’t organizations doing it?
One reason is a lack of trust: nearly 40% of CISOs claim that it hinders information sharing.
Businesses are reluctant to share with each other for fear that doing so will reveal sensitive company information. Likewise, businesses are reluctant to share with government agencies because doing so may reveal instances of non-compliance with government regulations or may violate customers’ privacy expectations.
To be truly effective, information sharing needs to be transparent and open, across borders and sectors. Information sharing and analysis centers (ISACs) are non-profit organizations focused on providing the infrastructure and governance necessary to increase trust and facilitate information sharing between public and private sectors. These centers are on the rise, across geographies and industries, yet many organizations are still hesitant. For information sharing to become a mainstream concept, organizations need to adjust their mindsets: rather than thinking of intelligence only as something to be consumed, enterprises should also view it as something to be generated and shared with the community.
Collaborative cybersecurity: Communities of trust
Organizations are often reluctant to share information about their security breaches, for fear that doing so will negatively affect brand reputation and intellectual property. But a lack of trust and poor cooperation between industry leaders will only give cybercriminals the upper hand. It is not enough to have defensive measures in place. Organizations need to anticipate risks, and exchanging information can help.
Exchanging threat information within communities organized around specific industries or sectors (or any other shared characteristic) can be particularly beneficial because the member organizations likely face similar cyber threats – common tactics, techniques, and procedures used to target the same types of systems and information.
Cyber defense is most effective when organizations work together to deter and defend against well-organized, capable actors. Working with governments on cross-sector cyber-simulation exercises can strengthen sectoral resilience and minimize cross-industry impacts due to cyber catastrophes. Such collaborations will reduce risks while improving the organizations’ security postures.
Accelerated, automated cyber defense
Speed and scope are fundamental to an effective cyber-defense strategy. To act fast, organizations need a clear understanding almost in real time.
No single organization, public or private, can ascertain threats based only on its views of the cyber landscape. Senior leaders in the industry need to emphasize the importance of sharing information, which can contribute to deeper threat analysis and even increase scope for detecting future threats.
AI and machine learning (ML) will play a vital role in cybersecurity, especially on platforms where cross-sector and global collaborations are possible. Integrating AI and ML will drastically reduce threat-identification time by improving the manner in which information is received and the quality of that information. AI can help businesses understand the consequences of a breach and develop responses faster.
This does not mean that an AI-based security system is an all-in-one solution, capable of addressing all cybersecurity concerns. AI-based solutions need to be developed further, by scientists and the companies producing these technologies, before they reach such a level. And to get the most out of the technology available now, businesses need to implement it correctly, alongside human security teams capable of feeding it the necessary information and refining its operations as needed. AI and machine-learning solutions will only be as good as the data that is being used to train their systems, which underscores the importance of quality information that is readily available throughout the industry.
With the proper alignment of technology and meaningful governance, a more trustworthy model of information sharing is possible, which can build a resilient defensive posture for businesses and public infrastructures, globally.
COVID-19 has triggered a rise in interconnectivity among individuals and organizations. To continue supporting these connections and cybersecurity simultaneously, organizations need to work together to promote trust and the safe sharing of information.
To learn more about cyber information sharing, check out this report by the World Economic Forum, with contributions from NextCT.