Sharing is Caring – Threat Intel for You and Your Business Partners

As kids we’re taught to share our toys. It’s a hard lesson to “get.”

When it comes to cybersecurity and information sharing, many still don’t “get” it. Liability concerns, competitive disadvantages, and so on. But even if some of these concerns are legitimate, this lesson really shouldn’t be so hard.

According to the latest Verizon DBIR, while compromises are happening faster, the time to discover the compromise is taking longer than in previous years. We can combat this challenge through the use of sound threat intelligence and sharing among “friends.” Through intel you can be more prepared in advance of an attack, reducing the amount of incidents you need to respond to.

Many are trying to address this sharing problem — hence the creation of Information Sharing and Analysis Centers, aka ISACs. There are a boatload of ’em — 18 listed on Wikipedia’s page on ISACs. Each of these ISACs is specific to an industry, so in theory there is relevancy built in to the information that is shared. The intent of these ISACs is sound, and there are many good people working to make these ISACs really useful. But they have their limits as well. We all have businesses to run and support after all.

So how do we take the ISAC concept up a notch, where the intel being shared is more than relevant, but SPECIFIC to your business? Privatize the ISAC to fit your own business ecosystem. This means pulling in your partners and suppliers. You should already be sharing information with them anyway, just include cyber as part of it.

Whether you are a big, medium or small business, most likely you have partners and suppliers that are an extension of your cyber footprint. They typically have some level of access to to your network, applications and data. Having these intersecting points allows business to run more efficiently. But with these intersections comes risk. A company’s suppliers are often integral to their business — I need X and Y to fulfill Z, and X comes from a supplier. Suppliers that don’t pay enough attention to security ultimately can cause a very direct and painful impact on your business (Target is the obvious supply chain cyber example used often, but there are plenty more where that came from).

As opposed to sharing information with folks you don’t know (and let’s be honest, how much do you want to really expose to a wider audience not within your control?), your own supply chain is, for all intents and purposes, just an extension of your own enterprise. It only makes sense that your security “umbrella” should extend out a bit over them as well.

As such, sharing info, analysis and expertise within your “extended family” can be very valuable to establishing the kind of early warning system that is the promise of cyber information sharing to begin with — and without most of the risks.

Sharing threat intelligence, risk identification and other analysis with your partners helps you help yourself. Cybercriminals work together and share information all the time in Dark Web forums and even sometimes out in the open.

Sharing is caring. And the group of folks that you will get the most value out of sharing cyber threat intelligence with are the companies in your supply chain.

Author: Sam Erdheim

Sam Erdheim has more than 15 years of experience across all facets of marketing and product management for enterprise software companies. Mr. Erdheim has spent the past 10 years in the information security space, most recently serving as Director of Marketing for AlgoSec, a security policy management vendor, where he was responsible for leading the strategy and development of the company's corporate and product positioning, content and communications. Prior to AlgoSec, Mr. Erdheim served as Director of Marketing at Lumension, an endpoint security provider, where he drove a comprehensive demand generation program that supported more than a third of the sales pipeline and created an automated email nurture campaign that received a Gold Medal from MarketingSherpa. Previously, Mr. Erdheim served in product management and marketing roles for other technology companies such as Softek (acquired by IBM Global Services), iLumin (acquired by CA) and Thomson Financial. Mr. Erdheim is a graduate of Tufts University.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: