Collaboration in the cybersecurity industry: It’s time to start disrupting disruption
Effective collaboration is a simple yet effective tool in building resilience to better protect those who rely on cyber professionals to keep them, and their businesses, secure. How though, as we move forward, do we keep this sense of collaboration from waning, and ensure the community continues to share and tap into each other’s best practices to improve solutions and applications?
Businesses have been accustomed to remaining silent around their cybersecurity practices for years, refusing to reveal any breaches or attacks which they may have fallen victim to unless absolutely necessary. Somewhat counter-intuitively, this reluctance to ‘show weakness’ for fear of negatively impacting end user trust actually made efforts to improve security more difficult in many cases.
COVID-19, and the disruption surrounding it, has spurred a newfound cooperation among security professionals, however. Thankfully, the mindset of not talking about security threats and practices is starting to wear thin, which is great news in the fight against threat actors. It is now clear that, with hackers constantly innovating and accelerating their tactics, techniques and procedures (TTPs), the best path forward is to prioritise consistent, transparent communication and teamwork across the cybersecurity community.
This is a huge leap in the right direction for the industry, and a move which has been long overdue. Effective collaboration is a simple yet effective tool in building resilience to better protect those who rely on cyber professionals to keep them, and their businesses, secure. How though, as we move forward, do we keep this sense of collaboration from waning, and ensure the community continues to share and tap into each other’s best practices to improve solutions and applications?
Lessons from the open source community
The open source community is the pinnacle of collaboration, and has been for years. Software development has advanced rapidly thanks to the coming together of a diverse range of minds, experiences, and approaches. Disruptive and innovative solutions such as Docker and Kubernetes, for example – which were founded in open source – have become widely accessible to all, grounded in the notion that ‘no one can whistle a symphony; it takes a whole orchestra to play it’.
Its value can’t be stressed enough, either. A 2021 Red Hat report, for instance, discovered that 90% of IT leaders use enterprise open source today. Top use cases cited included IT infrastructure modernisation (64%), application development (54%), and digital transformation (53%), but the most revealing statistic was that 83% indicated they were more likely to select a software vendor that contributed to open source projects. Clear evidence, then, that a team mentality matters to those in charge.
The speed of attacker innovation is one of the key factors in security developers becoming more reliant on sharing information openly. Securing applications is the first line of defence for an organisation, and so developers and security experts need to discuss ideas and best practices openly, and regularly seek advice and float suggestions – as is common in the open source community – if they are to build secure applications more quickly.
Prioritising a community-centric approach
A nimble and cooperative community only enhances cybersecurity efforts, and must be paired with a willingness to learn from one another so security teams gain the requisite knowledge to fortify defences, especially as the threat landscape continues to shift and accelerate. Reducing our insistence on ‘proprietary’ information and removing gate-keeperism is a key part of this process, and many security teams that had embraced these behaviours prior to the COVID-19 pandemic saw their ability to respond to attacks at speed increase significantly as a result.
That said, the onset of the virus did pose a significant challenge to these new behaviours. Culture is such a huge part of secure software engineering, and thousands of developers and security experts were deprived of the ability to quickly brainstorm and bounce ideas off colleagues when it hit. To counter its impact, many developers, engineers and security professionals moved to online collaboration, and open forums. This community-centric approach has now become the ‘new normal’, challenging and shaping the more traditional development methods the industry had become accustomed to.
The emergence of a more collaborative environment has come with one caveat, however. The rapid and open sharing of information has led to many in the community posting their source code up for everyone to share and use. While this sharing is vital to securing applications, it’s important that no hard-coded security secrets are inadvertently uploaded or leaked in this process.
Keeping the momentum
Attackers are getting smarter and more innovative, as are the TTPs they’re using, with many cyberattacks now doing serious damage to businesses, governmental organisations and consumers alike. Cybersecurity is a constant exercise in navigating disruption caused by threat actors. Not all security breaches can be stopped, but those fighting the good fight should constantly review, challenge and disrupt cybersecurity practices, solutions and approaches based on smart collaboration to better defend themselves against emerging threats.