As organizations continue to struggle with the advancing threats and techniques of cybercriminals, there's a constant need to adapt and adjust strategies. This includes rethinking how information security teams are assembled, trained and managed.
2016 was dubbed the year of historic hacks. According to ZDNet, over 4 billion records were leaked across the globe last year - more than in 2014 and 2015 combined.
Cybercriminals conducted a wide range of high-profile data breaches, targeting everyone from government agencies and major tech companies to electric power grids and small businesses. Part of the momentum hackers are gaining stems from the rise of distributed denial-of-service (DDoS) attacks, which, essentially, use the aggregated computing power of many networks to fuel a massive attack on one entity, clogging their network with fake traffic and kicking it offline.
Infiltration through interconnectivity
The Hill recently pointed out, referring to the financial market in particular, that one of the biggest risks plaguing organizations is weaknesses in third-party partners. As networks grow and expand, they elevate the interconnectedness of companies. In turn, hackers gaining access into one party can quickly lead to a domino effect of destruction.
To combat this issue, it is imperative for companies to do their due diligence in order to develop and implement comprehensive InfoSec frameworks and policies then ensure they are adequately adhered to. Additionally, it's essential that cybersecurity is perceived and treated as a business management priority rather than an IT-related issue solely.
These are all necessary and indisputable steps in an effective InfoSec strategy. But they alone are not enough.
When cybercriminals infiltrate a network, the goal - in most cases - is monetary gain. Sometimes this happens in the form of ransomware, but a large number of incidents come from selling poached data on the dark web.
"Cybercriminals have long understood they are more powerful together than on their own."
It's not the access itself into a network that is of value to hackers - it's the information that can be gained once they're in. Information is the key asset.
On the dark web, hackers share everything from zero days and targets to vulnerabilities and stolen data. On this platform, the information that is shared can be used just as much for offering tips and guidance as it can be as a tool for executing an attack.
Cybercriminals have long understood that their ability to carry out an attack and inflict damage on an organization is much stronger when they band together rather than go it alone. It's this collaborative approach that allows them to stay creative and cutting-edge in their methodologies and techniques - and keep them always one step ahead of businesses.
Therefore, if organizations want to stand a chance against the cyberthieves of today, they need to adopt a like-minded approach to their security and defense.
To take it to the next level, The Hill explained, companies must focus on placing a stronger emphasis on information sharing among key players. The Cybersecurity Information Sharing Act of 2015 was a step in the right direction, but as it stands now, sharing threat information is voluntary.
Now more than ever, security intelligence is a critical component to maintaining safeguarded infrastructure. The timeliness in which information is shared can mean the difference between a massive data breach that cripples an organization and mediating a vulnerability before it has the chance to be exploited.
Collaborating to enhance cybersecurity
Similar to how hackers share and sell information to use to their advantage, organizations can increase their collaboration and communication in a way that helps establish a more sound, strategic and successful framework for cybersecurity. This initiative enables those who have fallen victim to a breach to alert others of the techniques used and, in turn, mitigate their risk of suffering the same fate.
"Information sharing leads to better insight and intelligence."
If companies are going to continue to increase their interconnectedness, it's imperative that those connections are protected. By making a conscious effort to improve information sharing among organizations - as well as government and enforcement agencies - companies will benefit from gaining the type of insight and intelligence needed to strengthen their InfoSec capabilities.
Taking it a step further, this concept can also be applied and adopted within organizations.
Information security operations tradecraft refers to the validated skills and abilities an InfoSec pro needs to perform their job functions within their operational domain. Each member on an InfoSec team has a role to play and, within that job, specific tasks they are responsible for carrying out.
And while each individual brings unique skills and capabilities necessary for a strong, mission-ready team, their competencies are of little value when they're not combined and integrated with others. Separately, team members are like individual bits of stolen information - helpful, but not nearly as useful as they are when they're combined and connected.
To learn more about the skills your team needs to maintain a collaborative, capable and proactive approach to cybersecurity - and the InfoSec training that teaches such skills - download our whitepaper: