Cyber-related information sharing is increasing

Response to national- and industry-level calls to action required.

A complex relationship between the reported level of confidence organisations have in their cybersecurity posture and their ongoing attack volume and impact.

Despite rising confidence, incidents are increasing, too, reports IronNet in its commissioned independent research firm Sapio to survey 473 IT security decision makers in the technology, public services, financial, and utilities sectors across the United States, United Kingdom, and Singapore.

While 92 percent of respondents express confidence in their current security technology stack, adversaries are still evading traditional defensive technologies. Nearly half of respondents cited a rise in cyber incidents in the past 12 months, in part due to the increasing sophistication of attacks; and the SolarWinds attack cost, on average, 11 percent of affected respondents’ annual revenue.

What is helping, however, is information sharing: Responses revealed positive effects of cyber-related information sharing on an organization’s overall cybersecurity posture.

  • 90 percent of respondents indicated that the security posture of their company has improved over the past two years.
  • 72 percent of companies who have increased information sharing with industry peers report their overall security posture has improved over the past two years.

Despite the reported benefits of information sharing for improving cybersecurity, respondents indicated that there are still obstacles that limit collaboration among industry peers: concerns about data privacy and liability (53 percent), the lack of an automated or standard mechanism to share information with peers (34 percent), and the fact that shared information is not timely or relevant by the time companies receive it (33 percent).

Through the Collective Defense model, IronNet is taking information sharing and collaboration to a new level by enabling anonymized, real-time threat sharing to maximize visibility into the attack landscape and minimize impact on an organization’s operations.

Answering Calls to Action

Calls for faster, more relevant threat information sharing continue to come from industry- and  national-level cybersecurity initiatives. Former President Barack Obama initiated momentum on this concept with his 2015 Executive Order on Cybersecurity, which promoted private sector cybersecurity information sharing. In March 2020, the U.S. Cyberspace Solarium Commission report emphasized this same call to action, as did President Biden’s U.S. Presidential Executive Order on Improving the Nation’s Cybersecurity in May 2021, emphasizing threat information sharing as a primary theme and signaling to the public and private sectors that still more of this type of collaboration is needed in a timely, immediate, and relevant way.

The report’s findings related to the SolarWinds/SUNBURST attack revealed that organizations are urgently turning toward a threat-sharing model. The report provided an inside look into the financial damage stemming from this widespread supply chain attack that struck 18,000 companies and nine U.S. government agencies: Among the 85 percent of respondents affected by SolarWinds, nearly one third said their organization felt a significant financial impact from the attack. In fact, the attack cost affected companies, on average, 11 percent of their annual revenue.

These findings demonstrate the pressing need for a transformative approach to cybersecurity — an approach that operationalizes timely, relevant, and actionable threat sharing among industry peers and with the government. IronNet’s Collective Defense platform includes network detection and response (NDR) capabilities for advanced behavioral detection of unknown cyber threats via its IronDefense solution, and real-time threat intelligence sharing with its IronDome solution. The Collective Defense platform provides a radar-like view of potential incoming attacks; this real-time picture empowers organizations to more proactively defend against cyber attacks — both on-premise and in the cloud.

Tags:

Leave a Comment

Related posts