How to Take Measures in Your Business to Create a Safer Cyberspace

2016-09-13-1473786956-7318345-YiannisGiokas.png
By Yiannis Giokas

In the last few years, we have seen a shift in the way heists, fraud, terrorist attacks and cross-border disputes are executed. In an effort to minimize their chances of being identified, adversaries have moved from the material world to a cyber one.

Take, for example, the recent case of leaked emails from the DNC, the $81 million heist at Bangladesh Central Bank and SWIFT, and the infamous Target data breach that led to $19 million in settlements and a CEO's resignation. These attacks don't just affect enterprises and financial institutions due to financial losses, brand damages or regulatory fines: They have an impact on our economy and our society's well-being.

Today, we have security silos that don't communicate with one another. Security vendors won't talk to each other due to fierce competition for market share, and in the news, we are constantly hearing about new data breaches and successful heists.

Incidents like these highlight the need for cyber collaboration between public authorities, international organizations and private companies. If you are a founder, CEO, CTO or board member, you should be sharing the forensic data you collect each time you are under attack to help build counter-measures faster, and alert other companies and governmental agencies in the event of a larger outbreak.

When I was the founder of my former company, our team developed "MOREAL," a threat intelligence platform that was later acquired by my current employer. Platforms like this have been around for a few years now; they're developed primarily by startups and established security vendors. But while they're a very good start, they're only touching a small fragment of the problem. Many companies are not yet fully aware of the cost of cybersecurity attacks, and these platforms have been out of reach. The cost to have them implemented is substantial, and it's not guaranteed that vendors would exchange information with one another.

The U.S. Government has been taking a number of cybersecurity measures: They've initiated the processes for naming a federal CISO (a chief information security officer) and have introduced a threat-level scale and a directive for cyber cooperation on incident handling. Other nations, like the United Kingdom and the European Union, are also moving in this direction. I expect more countries will follow the same path.

But the cooperation between involved parties from both the public and private sectors shouldn't only be on the responsive end. Sharing information would help show early indicators of attacks, promote a faster detection of threats and lead to a shorter resolution time for the public, without hurting the growing industry of security startups and enterprises.

By creating a threat intelligence exchange, all threat-related information would be available anonymously, all stakeholders would have access to it, and each participant could use this information to protect their operations (e.g. a public authority or a private corporation) or to make a profit (e.g. a security venture).

Why would the exchange of threat intelligence be critical to success? Data runs over multiple layers, vendors, apps, systems and operators. Cyber attacks originate from multiple sources and come with multiple vectors. What organizations need is the capability to address an attack before it happens: Trend data and insights can enable attacks to be foiled proactively. Threat intelligence platforms can identify abnormal patterns and behaviors and provide customers with relevant alerts and mitigation strategies. The coverage of the data analyzed is key to ensuring success.

As carriers of high-volume, global internet traffic, telecom operators can play an important role. If they can exchange threat intelligence with these platforms in place, they will be able to provide organizations with a unique behavioral-based security of all the data running through their network. Now, imagine the advantage of having not only operators but vendors, enterprises, academia and governmental agencies participating in a threat intelligence exchange that shares details of past attacks and malicious activities at a multi-layer level. The sheer volume of data insights to analyze and the knowledge that would be attained regarding malicious behavior and threats would put us one step further towards achieving optimal security.

If something like this materialized, news of cyber fraud arrests and state-sponsored campaigns would be more common instead, and stakeholders would live in a much safer cyberspace.

Yiannis Giokas is a serial entrepreneur with domain expertise in cybersecurity, data analytics and telecoms. He is currently the Vice President of Research and Development at PCCW Global.