Cyber security seeks safety in numbers

Modern cyber security is about responding rapidly, isolating attacks and sharing information. Innovative technologies such as cloud-based solutions and big data analytics are helping.

“One big trend we are seeing which is helping on this front is the rise of ISAOs (information sharing and analysis organisations) which enable the sharing of information about cyber attacks between businesses and between governments,” says Karl McDermott, head of connected solutions at Three.

An Obama White House initiative, “the concept behind ISAOs is that the hackers are working together, so the potential victims should be too”.

It marks a major shift in mindset for organisations and businesses that, up until recently would have found the idea of admitting to having been attacked, let alone sharing information with competitors about what was lost and how, anathema to them. “With ISAOs, if a threat is found, that information is shared, as a way of mitigating it,” he says.

Banks too are joining forces, establishing cyber defence alliances. “It’s all about working with each other to achieve a rapid response, so that when, say, a new ransom ware threat emerges in one business, others can move to protect themselves. The trend is increasingly for these trusted, connected networks of companies to start talking to each other and developing protocols whereby they can pass on that information too. And, by working together on this, they are able to reduce costs too,” says McDermott.

The European Union recently approved a Network and Information Security Directive with similar objectives. The Directive requires that member states form a Computer Security Incident Response Team, and that businesses in critical infrastructures notify national authorities when cyber security incidents occur. It also mandates that businesses set up a co-operation group to facilitate sharing of information about risks.

Accountancy and professional services firm PWC identifies this collaborative trend in great depth in Toward New Possibilities in Threat Management, essentially key findings from its Global State of Information Security 2017.

It looks at some of the pioneering work being done by the US state of Virginia, which announced the formation of a state-level ISAO two years ago and was one of the first US states to do so. Virginia was also the earliest state to implement the US’s NIST Cyber security Framework, which specifically encourages the sharing of cyber threat information to enhance security.

As such, it paved a path that organisations in this part of the world are increasingly likely to follow. And it is still leading the way. Virginia recently established a public-private working group with Virginia State Police, to address the potential for cyber attacks on connected automobiles.

The working group comprises stakeholders from federal and state government agencies, academia and private sector cyber security companies. The group aims to help officials understand how to detect and prevent cyber security attacks on vehicles and on other consumer devices. The rise of the so called Internet of Things – smart, connected, digital devices – makes this a pressing issue globally.

But it doesn’t stop there – Virginia leads the way in relation to implementing a threat-intelligence solution from a cyber security solutions provider. Like public organisations the world over, the US state is a repository of personally identifiable information about its residents, from births and deaths to tax returns and health information.

In 2016 the state’s officials noted an increase in phishing attacks. It responded by implementing a threat-intelligence solution that enables it to monitor inbound and outbound traffic for suspicious activity and malware.

The solution also helps security analysts safely execute and inspect advanced malware, ransomware and advanced persistent threat attacks, known as APTs.

Says the PWC report, "This united front against malicious adversaries makes the commonwealth's motto Sic Semper Tyrannis – Thus Always to Tyrants – more fitting than ever."

[ https://www.pwc.com/gx/en/issues/cyber-security/information-security-survey.html ]