It’s no surprise to anyone practicing security today that the threat landscape has grown increasingly complex. Modern attacks weave together exploits, malware, applications and evasions into long, ongoing attacks that can last days, months or even years. To respond, security teams have begun to take a more integrated overall approach to threat prevention in which multiple technologies work together and are evaluated in context of the user and application.
As the threat landscape continues to grow more daunting, it will become increasingly important that security teams find a safe way to share data concerning threats across organizational boundaries. In much the same way that we can benefit from correlating across information in our own security silos, we can also benefit from what other security teams are seeing in the wild.
It’s also important to remember that attackers are largely competitive with one another. While obviously attackers learn techniques by observing what works in successful attacks, the concept of sharing and collaboration is very rare. As enterprise security teams, we are obviously in a much better position to collaborate.
If security teams, both industry and government, can committo improved collaboration it will give these teams the ability to better track emerging infections and stay ahead of new malware techniques.
You can read up more about my thoughts on security collaboration in my SecurityWeek Article - "Combating Emerging Threats Through Security Collaboration". Feel free to connect with me in the comments below.