Isolation is a Hacker’s Best Friend – Cooperation Can Offer Solutions
As companies accelerate their digital transformation, cyber risks proliferate. Enterprises and consumers are exposed to an ever-growing number of increasingly sophisticated cyberattacks. To overcome this common threat, executives from the largest companies in the world are starting to acknowledge the importance of cooperation. While years ago, reputed CISOs refused to share information about their security systems, they are now recognizing that collaboration leads to cheaper and more-effective means of security.
At Insight IGNITE, we developed an extensive network of high-profile cybersecurity executives. We regularly nurture our network by hosting intimate gatherings for leaders in our community to engage in conversation with the freedom to discuss topical issues in a more nuanced way than is typically offered by other networking events. During our last event, a select group of security leaders shared how they perceive and manage cooperation in their space. From this discussion, we identified four key layers of collaboration:
1) Employee Awareness
Humans are often the weakest link in the cyber-defence process. To shield themselves against cyberattacks, companies need to introduce employees to the different types of attacks and teach them how to behave when they detect one. It is important not to rely only on security policies, but to establish a security-first culture and share knowledge with individuals across the enterprise.
2) Cross-Department Coordination
In order to make security everyone’s priority within the enterprise, leaders need to empower and engage with all sides of the business, not just IT teams. To do so, they must incorporate and apply a “security-by-design” approach. This implies introducing security considerations to different processes across the organization, whether through procedures or technology and automation, from the onset rather than in retrospect. Embedding security into all business processes will allow for better and more-coordinated risk management.
“Organizations of all sizes ought to introduce and embed security considerations, whether through dedicated processes or technologies, into almost every aspect of their business, from the onset rather than as an afterthought. If this forward-looking ‘Security-By-Design’ or ‘Embedded Security’ approach is properly implemented, as seamlessly and as methodically as possible, it could turn cybersecurity from a potential proverbial showstopper into a true business enabler.”
– Eyal Balicer, Senior Vice President for Global Cyber Partnerships and Product Innovation, Citi
3) Peer Engagement
Unlike with other technology topics such as digital customer experience or automation, retaining security information will not provide a competitive advantage over industry rivals. In fact, there is a lot to learn from industry peers’ experience and the wider cybersecurity community. For example, dissemination of threat intelligence and guidelines can stop cyberattacks before they even happen. As organisations expand their digital footprint, participating in cyber networking and information exchanges will help them get instant visibility on the risk of adding a particular service.
4) Innovation From the Edge
Engaging with next-generation entities is useful to stay ahead of the latest trends and jointly build best-of-breed solutions. Innovation ecosystems such as Insight IGNITE enable this valuable two-way exchange that create virtuous cycles; start-ups and venture investors can introduce cyber leaders to new threats, and executives can advise early businesses on the applicability and scaling of their activities.
More than in any other fields of innovation, cooperation is key when it comes to cybersecurity. Enterprises and individuals need to pull their resources together to face their common enemy: malicious hackers. From the business employee to the industry peer or the disruptive start-up, stakeholders need to collaborate at all levels to build solid and efficient security systems.
Key Takeways:
In cybersecurity, there is strength in unity at all levels:
- Security leaders need to teach and empower employees to protect themselves and the company against everyday fishing.
- Cybersecurity must be embedded in all sides of the business, not just in the IT organization, with a “security-by-design” approach.
- Cyber leaders can learn from industry peers’ past experiences and experience information sharing for accrued risk awareness.
- Being part of an innovation ecosystem allows executives to stay ahead of the latest cybersecurity trends and learn about the latest solutions.