What is Collaborative Cybersecurity in 2022?

It is easy to become overwhelmed by the sheer number of security tools and capabilities available in today’s market. This is a sign of a comprehensive cybersecurity and privacy program’s vast array of topics.

Look at the ISC2’s CISSP domains and the industry best practices documents like NIST’s SP 800-53. Every security professional must have a long list of incredibly diverse security capabilities.

• Security Engineering and Architecture
• Security Policy Framework
• Network Security
• Asset Security
• Identity and Access Management
• Audit, Compliance Assessment, Testing
• Security Operations and Continuous Monitoring
• Secure Application Development
• Security Training
• Configuration Management
• Incident Response
• Contingency and Disaster Planning
• Physical Security
• Acquisition
• Third-Party Risk Management

Even worse, each item in the list can be broken down into discrete security topics or requirements. Although the most trusted security guidance says otherwise, security can be a mile wide and one inch deep. Cybersecurity is a mile wide and a mile deep when done correctly.

Moving to an Openly Secure World

CIOs and CISOs used to refuse to share security information with the Information Sharing Analysis Centers of their industries (ISACs) not too long ago. They claimed their security information was proprietary and held it in the same regard as any other information that gave them an advantage over their competitors. This sentiment appears to be an extreme exception. ISACs have become a key provider of event and threat information. Many organizations participate openly in information exchanges.

The success of industry ISACs demonstrates a broader acceptance by the security community that cooperation is a more cost-effective and effective security method than any other. It is hoped that the shift in attitudes regarding sharing information risk can be extended into other cybersecurity areas, especially those involving labor-intensive security domains such as operations, continuous monitoring, network security, and third-party cyber risks. If organizations are already open to sharing critical security event information with their partners, what stops them from being more involved in the security community?

Working openly and in collaboration in cybersecurity is a great way to gain a lot. What could make us more efficient if we could subscribe to security services sharing lessons from many organizations? What could be more efficient than leveraging resources to stop threats from our ecosystem and large swathes of the internet? We should ask these questions if we want cyberspace to remain open and accessible for all.

The Open Operations Vision

It is common for security operations organizations to establish Security Operations Centers. SOCs are equipped with sensors and other technology that enable security personnel to identify, manage and respond to security incidents and misconfigurations in an organization’s environment. SOCs can significantly improve organizational security, but they also add the expense to the organization. The human cost of a SOC is typically the largest expense. Automation technology can help reduce that human cost, but it is still very costly.

SOCs were designed to manage large amounts of technology distributed across the globe. The distance between assets is not a factor in overhead. Organizations could save huge money and achieve economies of scale by consolidating security operations into centralized SOCs based on similar technologies. The organization could focus its time on security engineering and standardizing security configurations, which will give them more bang for their buck than the house security operations.

The Open Ecosystem Vision

Cloud computing and multi-cloud environments have made it easier to define boundaries between companies. Most organizations find the digital business environment hyper-collaborative. Organizations can expand their digital business environments almost immediately by selling digital products. Although many details are available about the benefits that a cloud-enabled platform can offer, it is not always clear what the security and privacy risks to an organization’s digital environment are.

Companies need better to understand the ecosystem throughout their business system’s lifecycle. 

A better exchange of cyber-risk data can lead to more accurate analysis. Threat intelligence can be used to provide timely and valuable insight that could aid your organization and vendors in avoiding breaches.

Conclusion

Collaboration is more powerful than any single security tool or concept. Open security collaboration can create economies of scale that will revolutionize how organizations approach cybersecurity and privacy.