em360tech image

Cybercrime is ever-evolving and with new tactics incorporating AI and machine learning, to state-sponsored adversaries carrying out advanced attacks, to repeatable ransomware models, the threat to the landscape is night and day from what we knew a mere half a decade ago.

The figures speak for themselves: if cybercrime were measured as a national economy, it would be the third largest in the world, only behind the US and China. Indeed, come 2025, Germany is anticipated to achieve a GDP just shy of $5 trillion – a year in which the total global cost of cybercrime is expected to exceed $10.5 trillion.

However, with the right responses and collective action, we can turn the tide on cybercrime,
together.

Creating an ecosystem for collective defence

Collaboration can bring major advantages to cybersecurity. We have already seen the value in developing shared threat intelligence feeds which can be used to inform security strategies and develop relevant solutions for use at scale.

It is promising, and we’re gradually seeing industry stakeholders taking steps to prioritise communications across the community. However, uncertainty and scepticism around a shared approach to security undoubtedly remain.

Now more than ever we need to work to eradicate this hesitancy and eliminate the idea that working with ‘rivals’ could impede competitive advantages.

If we are to overcome the daunting industry challenges ahead of us, we must venture towards building an environment of trust where ideas, resources and knowledge can be exchanged. It’s about developing an ecosystem of collective defence, bringing security professionals from across the sector together to learn from one another.

This is, of course, easier said than done – but there are a few fundamental cornerstones of effective collaboration and cooperation in security that should be leaned on to avoid reinventing the wheel...

Building a strong security-awareness culture

As an industry, we need to get comfortable with the idea of working together, and that will only
happen if we’re open and honest.

Many security-savvy organisations will already be prioritising education from the board level right the way down the employee base, ensuring that everyone is aware of security guidelines, adhering to policy, and contributing to improving the overall protective posture.

Moving forward, the same must happen among industry colleagues. Vendors, advisory boards, private and public sector organisations – everyone has different experiences, and these should be communicated. By coming together to discuss challenges, information and solutions, we will all benefit.

Threat intelligence excellence

According to a Twitter poll conducted by Infosecurity Europe last year, 45% of respondents felt that advanced threat detection is the cybersecurity challenge that would benefit most from increased industry collaboration.

Indicators of risk and vulnerability can be highly difficult to identify, and preparing for every new threat is impossible. However, by sharing threat intelligence, we can collectively improve the visibility of the landscape and quickly reposition to protect against novel and evolving attack methods.

Here, we need to address fears around sharing information. That means building trusted and transparent frameworks that stipulate how information is used and protected. Diversity and Inclusion in the cybersecurity workforce

Improving collaboration is not just about building better bridges between existing stakeholders. We must also broaden the net and invite others to contribute.

Diversity is undeniably beneficial. Just as different organisations will have different security experiences, individuals from varied backgrounds will likewise bring different perspectives to the the table that can inspire greater innovation.

Security needs to encompass all age groups, genders and geographies, rebalancing the industry so that it works for everyone equally.

Looking at Infosecurity Europe, it’s been great to see so many women thriving in our space. There is still a long way to go before we have gender parity, but it is improving.

You get the sense that there is growing recognition of security as a valuable profession – something we desperately need at the moment.

Maximising the opportunity of industry events

Things are undoubtedly moving in the right direction, but the industry must more proactively embrace collaborative opportunities. The more we discuss and share, the more unified progress we will make.

There are many ways to inspire greater cooperation. From face-to-face conversations to webinars that encourage open debate, a combination of avenues will be needed to bridge existing security gaps.

It’s amazing to see how much progress can be made through a few simple conversations – something I’ve witnessed first-hand time and time again at industry events like Infosecurity Europe.

From the key principles of security-first cultures to the changing approaches of cybercriminals, and insider threats to third-party risks, we operate in a sphere that can truly feel boundless at times. With events, we get the opportunity to bring together the industry’s brightest minds to identify and narrow focus on the most pressing issues of the day.

Indeed, there will always be more that we can learn. Government professionals will have different experiences to the private sector, who will have different experiences to think tanks, and so on. By sharing knowledge and experiences, security leaders can begin to mount a collective fightback.