Recently EiQ wrote about executive teams' perspective on cybersecurity and how organizations should collaborate, both internally and externally, to defend against cyber attacks. There is a serious need for companies to increase collaboration on cybersecurity and share critical information about vulnerabilities in order to prevent future hacks.
Collaboration within a company should be accomplished by facilitating communication and joint work between leaders such as Chief Finance Officers (CFOs) and Chief Human Resource Officers (CHROs). After all, these personnel are most responsible for personally and financially sensitive data, which are prime targets for hackers.
According to a 2016 IBM report, organizations that have established a comprehensive cybersecurity program that engages staff at every level—from the boardroom to management to regular employees—are more open to collaboration and sharing cyber incidents with other companies. Ultimately, that leads to earlier detection of breaches, insights on security vulnerabilities, and more.
Collaborate with Other Companies
Unfortunately, 68% of C-level executives oppose the idea of sharing vulnerability information with other companies. But companies need to bulk up their defenses together by uniting around a common interest: stopping hackers. How can this be accomplished, especially when companies normally try to keep their breaches quiet?
If one company in an industry is under attack, it is almost certain that other companies in the same industry are. So the first company can warn the others of a potential vulnerability. This usually happens through the help of law enforcement and information-sharing centers particular to individual industries. But companies often worry what legal liability they may face by sharing information. The same is true when it comes time for a company to announce that it has suffered a breach.
Some lawmakers are considering ways to supply firms with liability protection to incentivize information sharing. In the United States, the Department of Homeland Security acts as a liaison between government agencies and private companies reporting security breaches. The Cybersecurity Information Sharing Act (CISA) stipulates that all personally identifiable data must be removed before information is shared, which helps protect the compromised information and the companies sharing it. It also includes liability protection, so companies who opt to share information for the benefit of others don't get sued.
Collaborate with a Security Operations Center
Many businesses understandably do not have the time or budget to hire the personnel required to meet the minimum requirements of an in-house cybersecurity team. An effective solution for these organizations is to supplement whatever in-house cyber defense team is in place with a Security Operations Center (SOC).
When companies are hacked, they may feel understandably reluctant to share the details, preferring to keep the situation as private as possible. However, collaboration is key to helping organizations stay protected and minimizing future threats to their industry. Working together at all levels: within your organization, within your business community, and with qualified security operations personnel, will help ensure the highest level of protection for everyone involved.
More and more, organizations who were previously understaffed, underbudgeted, and overwhelmed are finding that EiQ’s hybrid SaaS security services that combine the best people, process, and technology are a welcome change from going it alone. EiQ is transforming how mid-market organizations build enterprise-class security programs. Acting as an extension of our customers’ IT teams, EiQ’s SOCVue provides continuous security operations based on best-of-breed technology at a fraction of the cost of alternative solutions. EiQ is a trusted advisor to organizations that need to improve their IT security and compliance posture by protecting their infrastructure against cyber threats and vulnerabilities. To learn more, please request a demo today!