In an extremely competitive tech industry, firms can be eager to keep company secrets close to their chests.
However, amid the flurry of stories detailing cyber-attacks and data breaches against some of the country’s most recognisable brands, businesses of any size may have to consider the unthinkable, sharing company secrets with the competition.
In the past couple of months alone, major attacks have been attempted against M&S, the Co-op, Harrods, Cartier, North Face and others.
“The first thing you learn in intelligence school is, don’t share any of your intelligence,” said Chris Jacob, VP of global field operations at IT group ThreatQ.
Speaking to UKTN, Jacob explained why in the era of constant cyber threats, working together can make all the difference.
Threat sharing is the practice of organisations submitting information regarding breaches, attempted hacks and general security details, usually through a centralised body.
Doing so keeps all companies involved up to date regarding the latest methods and strategies of threat actors.
According to Jacob, it is a practice that has picked up a fair amount of steam in the US over the past 10 years but is slowly growing elsewhere.
“Where it becomes really helpful is if you can find it earlier in the chain.”
Jacob used the example of a large, well-resourced global bank that has discovered some suspicious traffic that has not yet caused any issues but has been enough to appear as a red flag.
“They’ve got every tool available, and they’ve got really smart people and lots of them,” Jacob said.
“Sharing that to organisations that are small regional banks really gives them a head start.
“That could be the key, then a smaller organisation says, ‘We saw that, and we saw the next couple steps’, and maybe the larger organisation hadn’t seen that activity yet.”
Caution against sharing company secrets with other firms can be a barrier to the adoption of the practice, but according to Jacob, it is far from the only one.
“If you share too widely then those threat actors know that you’re on to them,” he said.
“If you have a bit of information, and you keep that quiet for a long time you can watch for them. If the information gets too wide, they know that and they try to change up their tactics.”
This is why threat sharing is best done through dedicated organisations, often called Information Sharing and Analysis Centres (ISAC).
These groups will typically have a Threat Intelligence Committee (TIC) that regularly meets to establish a trusting circle.
“It helps to know that you’re all part of the same community and that you’re going to be responsible about the information that’s being shared.”
Read more: Authorised payment fraud falls as scammers switch tactics
The post Businesses turn to threat sharing to fend off hackers appeared first on UKTN.
