Cybercriminals do not recognize borders, nor do they care about industrial sectors or the silos you have within your organization. Everyone is a legitimate target as far as these people are concerned.
These criminals collaborate to problem solve, quickly and easily share methods of attack, tools/techniques, and generally anything that will help them achieve their goals. This collaborative nature helps them quickly learn how to take advantage of our weaknesses.
Observations from the 9/11 Commission – points to lack of collaboration
“Since the plotters were flexible and resourceful, we cannot know whether any single step or series of steps would have defeated them. What we can say with confidence is that none of the measures adopted by the U.S. government from 1998 to 2001 disturbed or even delayed the progress of the al Qaeda plot. Across the government, there were failures of imagination, policy, capabilities, and management.” – Executive Summary, 9/11 Commission Report
What about the good guys?
We have borders — country, provincial/state, municipal. We operate in industry sectors and silos. We talk to each other to share information on case studies on blogs and at conferences months after an attack. We are reluctant to share data in case it compromises our customers.
What can we observe from these two positions?
Criminals are out-collaborating and out-innovating us
This is not a recipe for success. Collaborating to improve our security is imperative. We have examples of collaboration for defence everywhere. In nature, different species use each other’s alarm calls as early warning signals. There is defence collaboration in our history and in the world today. Humans have been so successful because we have learned to cooperate and collaborate, and we learned that working together in defence ensures better protection for all.
One of the most successful alliances on Earth is NATO. It has helped keep the peace in Europe and much of the world via the collaboration of 29 member nations. They collaborate on standards to make them interoperable; they reach out and engage with many other partners who are not part of the core membership.
There is no NATO for cybersecurity
Cyber defence is currently fragmented, everyone is looking after their own customers or at best industry sectors. We need to change this and realize that cybersecurity requires a team approach. Cybersecurity needs alliances that cross borders, sectors, and organizational lines. We must work together to better protect ourselves, our customers, our critical infrastructure, and our economies.
We must be willing to share information and data, best practices, methods, playbooks, and more – immediately if possible! Only then can we hold our own and keep our economies and citizens safe.
CyberNB has a project designed to showcase the value of collaboration and sharing to enable better defence. It is working on the practicalities of building trust to enable multi-sector organizations in both the public and private sectors. You can learn more about Canada’s first Critical Infrastructure Security Operations Centre here.
“While expanding collaboration is a common hope for many leaders, SRM leaders of the CyberNB Program has shown several strengths since the early days of the project. Partnerships that did not exist in the past have formed with competitors and alliances with companies.” – Gartner Case Study on New Brunswick
Our societies are better when we collaborate, and it is no different in cybersecurity, we must work together to better protect ourselves. Cybersecurity is a team sport!
Written by David Whelbourn