The security landscape is ever evolving and with each new threat comes an even stronger need to work together as an industry in order to elevate information security and stay ahead of malicious actors.
Public and semi-public agencies have long been collaborative in sharing their concerns, experiences, and solutions to meet cybersecurity threats. They share their concerns and discuss deployment of specific security tools, procedures and processes.
Many agencies in each state meet face to face consistently to collaborate – sharing actual incidents and breaches with each other – in order to learn and support those affected (and of course, those breach discussions remain within a ‘code of silence’).
One such organization is the California Counties Information Security Forum. This group is comprised of security executives representing all California counties. It meets in person four times a year to discuss specific malware threats (such as ransomware, phishing, etc…), address security and privacy compliance issues, and share strategies for protecting their organizations.
They agree to share resources and expertise in configuring tools as well as help in breach mitigation. This collaboration produces quickly maturing security programs for all California counties and has enabled participating counties to save hundreds of thousands of dollars.
On a national level, various federal government-supported organizations support states, local (counties, cities and municipalities), territorial, and tribal organizations in collaborative sharing, emergency incident response support, threat advisory notifications and overall security support.
Over the last several years, collaborative groups are growing in prominence. Outstanding cybersecurity support is given by agencies such as the Multi State Information Analysis and Sharing Center (MS-ISAC) and the Center for Internet Security (CIS); the Critical Infrastructure Cyber Community (CCUBE-C3VP) and the Department of Homeland Security (DHS). These national agencies are but a few of the resources that public entities (as well private) can take advantage of in their fight against the increasing cyberthreat.
Collaboration is not solely reserved for public agencies. Gone are the days when private, peer entities view their ‘security’ as highly confidential. More and more industry sectors are collaborating with their ‘competitors’ to bring high value to their security programs.
FS-ISAC (Financial Systems Information Sharing and Analysis Center) is one such public/private collaborative group. The private financial sector participants let their ‘sharing guard’ down in order to further their companies’ security maturity through high-level peer-to-peer collaboration.
As the financial sector realizes the tremendous benefits gained from collaboration with competitors, I believe many other sectors also will begin capitalizing on the sharing of ideas, concerns and solutions. Other ISAC groups include emergency, transportation, and air travel sectors.
Regional conferences that focus on CISO-level content and collaboration are excellent platforms to start conversations and build a network of peers. These various regional networks are becoming trusted resources for gaining insight, learning best practices, and increasing security protection schemas.
Sharing is not limited to peer organizations. What about shared cybersecurity goals of both the private and public sectors?
Let’s look at those industries that utilize industrial control systems (ICS and SCADA). All participants must come to the table to share the threat landscape as well solutions in processes and procedures that can make ISC/SCADA systems more secure and operations elevated to meet the increasing cyberthreat from the bad actors worldwide.
In the Critical Infrastructure Protection Councils (with each of its 16 sectors), the DHS encourages collaboration between both private and public sector participants. It is imperative these organizations share notes, discuss effective security strategies, and, as a group, attack these threats and advance as an industry.
Information sharing should include both physical and cybersecurity surrounding ICS/SCADA entities. Collaboration substantially bolsters efforts, deploying effective cybersecurity protections and the maturing of one’s cyber and physical security programs.
Recently, many of the cybersecurity vendors that provide proactive and reactive solutions (companies like HP, Palo Alto, ePlus, and Micro Focus, to name a few), have developed cybersecurity-specific roundtable discussion groups at forums and security events (and not merely inclusive of their own customers). These discussions facilitate the exchange of ideas and issues being confronted in the cybersecurity space and much can be gained.
Discourse encourages heightened awareness of existing and potential threats. It also reveals solutions available to mitigate such threats, and what technology must be developed or improved upon for security programs to remain effective.
All ‘partner groups’ can glean important information that allows supporting vendors to recognize ‘real world’ issues that they can, in turn, develop into new products. While this is extremely important to vendors, there is also much to gain by organizations that need better solutions to protect their environments.
When federal agencies (such as DHS and the ISAC’s), which have access to high-level threat analysis and on-going advisories, join the conversation, all sectors can collaborate to elevate cyberdefenses and strengthen the industry as a whole.
With so many resources and so much to gain from collaboration, there is no reason to be siloed. Collaborate with your peers at other competitive organizations. Start roundtables, schedule meetings and create cybersecurity information exchange councils. If you haven’t, start collaborating now.
And, by all means, check out the following organizations that elevate your security awareness through collaboration.
CCube (C3VP) Critical Infrastructure Cyber Community
Cyber Security Alliance
Cyber Task Force (FBI)
Information Systems Security Association (ISSA)
Infragard