A crucial part of threat prevention is collaboration between businesses, and now more than ever it's necessary to build a cyber security ecosystem, according to Palo Alto Networks.
Sean Duca, Palo Alto Networks vice president and regional chief security officer for Asia Pacific, says, “The next step in the cyber security evolution will be to bring the business community together to identify cyber criminals and threats.
“By establishing a so-called cyber security ecosystem, businesses can create a type of ‘herd immunity’.
“If one business is attacked, the rest of the business community can be made aware of how the threat behaves and how to prevent it.”
According to Palo Alto Networks, there are three key ingredients to creating a cyber security ecosystem:
1. Leveraging threat prevention communities
As a first step, members of commercial industries should join threat information sharing and analysis organisations that are linking trusted threat prevention communities together, the company says.
Sharing cyber threat information in real time using standardised methods strengthens the ability of everyone to detect and prevent cyberattacks and is the foundation for a cyber security ecosystem.
“Companies not in the security space, like Nike for example, are working together in groups like the Retail Cyber Intelligence Sharing Center. Every organisation’s security experiences strengthen the entire ecosystem,” says Duca.
2. Trusting each other
Developing best practices for sharing information and risk mitigation strategies requires long-term cultural change, Palo Alto Networks says.
“Trusting your security information in the hands of other businesses can be hard to do.
“However, collaborating and investing in the best technology available can accelerate the ability of the cyber ecosystem to learn, resulting in stronger protection for everyone,” Duca says.
3. Machine-to-machine threat information sharing
Automated threat detection and information sharing lets businesses prevent threats that have targeted other organisations, the company says.
“Integrated systems that were built to work together can also be linked to information sharing repositories in the cloud.
“Automated systems can learn to take actions by observing how the threats behaved and were prevented,” says Duca.