Collective Defense: Making cybersecurity collaborative

Cyber Serious

9 July 2020

It’s no secret – countless organisations, spanning private and public sectors, are going digital. In 2020 the push to digitise has only become more abundant with COVID-19’s impact on how we work and function, particularly within the retail industry. According to a recent survey from ADAPT, 50% of private, public and hybrid organisations have increased their cloud workloads by more than 50% to enable remote working due to coronavirus.

With the adoption of digital practices for many organisations, and as the global pandemic begins to shift, an electronic illness has been brought to the surface: hackers and malware targeting organisations. You may have proper cybersecurity fortifications in place, but what do you do when a hacker is skilled enough to manoeuvre through your defences?

In a recent webinar, KJR partner company IronNet had their COO Brett Williams speak alongside IronNet APJ Vice-President Gaurav Chhiber and Threat Hunter Joel Bork. They explored the importance of collaboration in overcoming cybersecurity shortages through a concept called Collective Defense.

What is Collective Defense?

As Brett Williams explains, “there is no magic box” when it comes to conquering malware. While having protocols and antivirus systems in place is essential, in IronNet’s eyes the key is to maintain a multifaceted approach that provides defense in depth. Collective defense encapsulates this by allowing organisations to work together through a real-time interface and anonymously share resources to adapt to changes in cybercrime.

Brett: “… As a collective group, we can come together to defend ourselves better, by having full situational awareness and full visibility … We bring the strengths of each together so we are all stronger as a group.”

How does IronNet achieve this?

IronNet’s Collective Defense initiative utilises three elements in achieving their shared  approach to cybersecurity:

Threat Information Sharing

Brett: “We want to share our knowledge, company to company… and creat[e] a collective between organisations”.

IronNet’s Collective Defense approach allows organisations of similar industry, size and position to share data and insights with each other regarding relevant attacks and cyber threats. By anonymising data when sharing between organisations, individual companies can feel comfortable sharing information specific to any applicable threats or attackers that may be plaguing multiple organisations at once.

Collaboration

Brett: “Instead of every company having to look at every alert, you can crowdsource that… cyber specialists can collaborate and share expertise without putting their intellectual properties at risk.”

Hoping to make the most of existing staff and technology, sharing resources and metadata allows organisations to expand their capabilities without having to increase the size of their IT department. If a similar company looks into a potential threat and dismisses it, cybersecurity teams in other companies could utilise this knowledge to focus on more pressing matters. Collaborating between organisations allows for a more seamless cybersafe environment, as well as teamwork that quite literally spans the globe.

Visibility

Brett: “Having the same visibility across the whole country is the ultimate goal, and then being able to use AI, machine learning and behaviour analytics allows people to recognise where we are seeing similar behaviour in each area.”

Staying visible is possibly the most important aspect of Collective Defense. Many organisations are linked to others – either through partnerships, funnels or supply chains. Having access to updates from these companies in terms of cyber safety and security allows insight into cyber threats that could affect your organisation.

Why do we need it?

Joel: “[With Collective Defense] you can write, comment and share these with other organisations at machine speed… hackers are not going to wait for you to write up an email to warn others.”

Brett: “The quickest way to remediate is to see that someone else was attacked, to see the characteristics and behaviours of that attack, and look at your own environment… and proactively make that adjustment.”

In the wake of Australia’s government institutions and multiple of our essential organisations being targeted in recent cyberattacks, being able to collaborate to prevent cybercrimes across the country has never been more topical. Having the ability to share with others in a collaborative platform provides IT specialists the opportunity to both share their expertise and learn more in the process, preventing future cyberattacks for different companies and identifying any relevant ones to stay aware of. Coupling this with the fact that 53% of enterprises don’t actually know if their security tools are working, it only makes sense to collaborate and make changes as necessary.

After all, two heads are better than one. 😉

Interested in learning more about Collective Defense? Check out IronNet here. If the time is right for a review of your online security protocols, contact us.

You may also like