With cyber attacks, data breaches and a host of exploits emerging every week, the security landscape is getting almost impossible to navigate. In order to survive, the good guys – organisations, cyber security experts and law enforcement – must work together, sharing threat intelligence and details of successful breaches and defences.
Earlier this year, Ponemon Institute polled organisations about threat intelligence sharing, and found the five most commonly cited benefits.
It fosters collaboration among peers and industry groups
Everyone involved in cyber security is trying to uncover the most dangerous vulnerabilities facing organisations. Although no one will have all the answers, there is a lot of help out there spread among different sources. By pooling their knowledge, organisations and industry experts can spot emerging threats faster and find more effective solutions.
It enhances the timeline of incident response
Incident response plans are built upon experience – knowing how attacks unfold and what should, and shouldn’t, be done to deal with them. An organisation that works in isolation will only have the experience of threats it has already faced. But by sharing information, organisations don’t have to wait until they are already hit to gain crucial knowledge.
Reduces the cost of detecting and preventing data breaches
The cost of detection, prevention and response is directly tied to how quickly an organisation reacts to a security incident. A 2017 Ponemon study found that, for breaches identified within 100 days, the average cost was about £2.10 million, but for breaches that took longer to identify, the average cost rose to £2.87 million.
Improves the effectiveness of the incident response plan
Threat sharing allows you to not only respond to incidents more promptly but also more thoroughly. The recovery process will generally be smoother, as organisations will have a better idea of what works and what doesn’t. It might also mean that organisations can prepare for a wider set of incidents.
Improves the security posture of an organisation
This is a broad acknowledgement of all the points made above. Each benefit will improve organisations’ security postures somewhat, but the end result is greater than the sum of its parts. Threat sharing doesn’t only foster collaboration, improve incident response and save organisations money – it does all of those things.
Source: IT Governance