Bad Actors Are Collaborating. Companies Need To Collaborate More
In an increasingly digitized world, it’s no surprise that businesses of all sizes and lines of business are subjected to cyberattacks. Paradoxically, cybercriminals have shown an amazing ability to collaborate and share tactics with one another, while many companies struggle to work together in the fight against this problem.
In particular, businesses are a favorite target of increasingly sophisticated and damaging attacks by shadowy figures in the online world. It is evident that cybercriminals have significantly increased their ability to affect companies. The magnitude of the problem requires concerted and urgent action, since these attacks can result in substantial financial costs for companies, which must invest in repairing the damage, improving security and dealing with the loss of trust from customers and partners.
The prevention and mitigation of attacks requires essential investments, not superficial expenses, and it is of the utmost importance to work on the adoption of advanced detection and response technologies, as well as the continuous education of employees to identify and prevent threats.
However, cooperation between public and private organizations is essential to combat the growing cyber threat. Governments and cybersecurity associations need to strengthen their cooperation with the private sector and expand the sharing of threat and cybersecurity information, in order to develop effective strategies and countermeasures against threat actors and improve defenses.
Recently, the US Securities and Exchange Commission (SEC) announced new cybersecurity regulations, including three new proposed rules, which focus on financial sector entities, including stockbrokers, investment advisers, investment companies, and other entities regulated by the SEC.
This is a big step for the industry in terms of cybersecurity, as these rules would require regulated entities to formally adopt policies and procedures to respond to cyber incidents, would expand the scope of information subject to the rules to include information received from third-party financial institutions, and would implement new requirements for reporting cyber incidents to both customers and regulators.
When cyber breaches have real-life consequences and reputational costs, it is vital that investors have a right to know about an organization's cyber risk management activities. This is a dramatic step toward greater transparency and accountability and will greatly improve our cybersecurity preparedness as a nation. The new SEC rules make this task easier.
For several years now, the largest and most powerful companies worldwide have treated cybersecurity as something non-essential. Now, it is very clear that corporate leaders must elevate cybersecurity within their organizations. This action not only protects digital assets, but also strengthens the resilience of the company in an ever-changing world.
Cybersecurity is a collective challenge that requires a collective approach. Companies must overcome traditional obstacles and prioritize collaboration over competition. The fight against cybercrime is not only a corporate responsibility, but also a moral and ethical responsibility to protect data and the security of people.
Just as cybercriminals harness collaboration for their destructive purposes, businesses have the opportunity to leverage collaboration to strengthen their cyber defenses. Digital security is a shared goal, and only through cooperation can we achieve a safer online environment and resilience.
Today, we are faced with an industry of prepared cybercriminals who exploit every open door. For this reason, I consider it necessary that we keep creating and growing spaces for collaboration and the exchange of ideas that allow cybersecurity experts to provide key information on the latest attack trends and how to defend themselves, and to inform governments on how to obtain an adequate vision of cyber risk, so that cybersecurity teams can make informed decisions and prevent attacks before they happen.
There are ways in which security pros, organizations and governments can collaborate and find adequate forums for exchanging ideas and, at the same time, learn the new TTPs (tactics, techniques and procedures) that attackers leverage to ensure success in their campaigns. The reason for investment goes well beyond just being part of a security conference or holding memberships in organizations that share relevant information: it’s the readiness we all gain from a proactive cybersecurity posture, which the organization’s cybersecurity pros represent, and from understanding the ever-changing cybersecurity landscape.
At the same time, CERTs (Computer Emergency Response Teams) throughout the world help bring this information together into a worldwide view of interconnected assets and how they can be affected, and respond accordingly by sharing information. For example, an extract from a public statement of the US CERT reads: “US-CERT has established several important components that foster and facilitate information sharing and collaboration on cybersecurity issues among government, industry, academia, and international entities.”
Another great source for collaborative work is the MITRE ATT&CK framework (Adversarial Tactics, Techniques, and Common Knowledge), which is free for all and aids in understanding how TTPs are being leveraged while helping strengthen our cybersecurity posture. This framework is essential in developing countermeasures and cybersecurity postures that help minimize impacts, and several tools adopt these TTPs to provide context when cybersecurity experts need to plan and implement strategies.
Cybersecurity companies also play an interesting role: Several have advisories and blogs covering threat findings and intelligence that is shared with the public. Collaboration exists among vendors, and several partnerships are created as a result.
Not all countries have the same tactics as the SEC: public-private partnerships need to exist throughout the world to facilitate the development and application of cybersecurity standards, guidelines, and best practices.
In conclusion, cybersecurity has become a critical element in the success and stability of modern businesses, as cyberattacks can have a substantial impact on a company's finances and reputation. It is essential that investors have the right to learn about cyber risk management activities to make informed investment decisions and protect their financial interests.
Let's keep in mind that cybersecurity is no longer the exclusive domain of techies; it is an integral part of business strategy and risk management.





By Omar Alcalá | Cybersecurity Director -
Tue, 08/29/2023 - 13:00

