The war against cybercriminals won’t be won alone. To keep hackers at bay, security vendors are establishing more ways for their customers to cooperate and share data about the latest threats — even as it sparks concerns about trust and competition.
“We have to win this war together,” said Ben Johnson, chief security strategist of Carbon Black.
The company is the latest to help pool together security expertise with a new platform called the Detection eXchange.
Carbon Black protects the networks of thousands of companies, and it’s now opening a line of communication between them. More than a virus signature or an IP address, the exchange aims to foster the sharing of “patterns of attack,” which identify behaviors and tactics employed by malicious hackers.
That can be valuable knowledge, Carbon Black says, because those patterns are harder for hackers to quickly change than something like an IP address.
Although CISA has raised concerns about privacy, because the government will be the clearing house for data that gets shared, security vendors say collaborating on intelligence can help their clients prevent the next cyberattacks.
Palo Alto Networks is another vendor trying to build a culture of cooperation. The industry has been focused on protecting data, but it needs to share it too, said the company’s chief security officer, Rick Howard.
In 2014, Palo Alto Networks joined with rivals including Fortinet, Intel Security and Symantec to form the Cyber Threat Alliance. The vendors are each sharing around 1,000 malware samples each day and using that data to bolster their security products.
The alliance is still small, with only about eight members, but Howard believes it will be a “game changer” if the group can expand to 50.