Businesses need to join together to combat cyber security threats, collaborating to keep each other safer.
“The next step in the cyber security evolution will be to bring the business community together to identify cyber criminals and threats,” says Sean Duca, Vice President & Regional CSO of Asia Pacific, Palo Alto Networks.
“By establishing a so-called cyber security ecosystem, businesses can create a type of ‘herd immunity’.
“If one business is attacked, the rest of the business community can be made aware of how the threat behaves and how to prevent it.”
Duca advises there are three key ingredients to creating a cyber security ecosystem:
1. Leveraging threat prevention communities
As a first step, members of commercial industries should join threat information sharing and analysis organisations that are linking trusted threat prevention communities together.
This is the foundation for a cyber security ecosystem that shares cyber threat information in real time using standardised methods - this strengthens the ability of everyone to detect and prevent cyberattacks.
“Companies not in the security space, like Nike for example, are working together in groups like the Retail Cyber Intelligence Sharing Centre,” Duca adds.
“Every organisation’s security experiences strengthen the entire ecosystem.”
2. Trusting each other
Developing best practices for sharing information and risk mitigation strategies requires long-term cultural change.
“Trusting your security information in the hands of other businesses can be hard to do,” Duca adds.
“However, collaborating and investing in the best technology available can accelerate the ability of the cyber ecosystem to learn, resulting in stronger protection for everyone.”
3. Machine-to-machine threat information sharing
Automated threat detection and information sharing lets businesses prevent threats that have targeted other organisations.
“Integrated systems that were built to work together can also be linked to information sharing repositories in the cloud,” Duca adds.
“Automated systems can learn to take actions by observing how the threats behaved and were prevented.”