By definition, an immune system is the network of biological structures and processes within an organism that protect it against disease. A weak immune system that cannot effectively fight off attacks is not just a threat to its host, but also to others surrounding it.

This concept can likewise be applied to cybersecurity: Organizations need to build a strong cybersecurity immune system in which various parts interact and work together to detect, prevent and eradicate breaches. To be effective, this immune system approach needs to operate at two levels, both internally in the organization and externally at a broader industry level.

The Need for a Better Immune System

Across the world, cyberattacks are becoming more intelligent, more regular and more coordinated. A UN study on cybercrime established that up to 80 percent of cyberattacks are driven by highly organized crime rings that share data and tools to launch sophisticated attacks on businesses across the globe.

This is where organizations need to not only identify current threats, but anticipate them before they happen and take preventive measures to avoid being breached. Think of it like regularly taking vitamins to support your health: Building a strong internal network that is resilient to sickness is far more effective than responding to an infection when it happens.

To effectively stave off cyberthreats in this manner, organizations need to have an integrated end-to-end security operation and incident response system in place. The challenge often faced is the number of variables that need to be standardized. Businesses need to bring together security analytics, forensics and vulnerability management alongside incident response into a coordinated approach for enterprise threat protection, detection and reaction.

This level of defense is often difficult to achieve, particularly in organizations that don’t have specific departments or staff dedicated to security. As an example, ransomware aimed at the Australian health care industry, and more specifically at small suburban medical and dental centers, has been a prominent threat that our incident response team has been working on in recent months.

While internal security systems are crucial, there is a much bigger and far more powerful external problem: collaboration. External assistance is often used to provide support in health care, whether in the form of doctors, specialists or medical associations. Intelligence on diseases and their associated treatments is shared quickly after testing, leading to preventative measures such as immunization being taken to eliminate the risk of the disease spreading.

Collaboration on cybersecurity can help businesses stay on the front foot as opposed to remaining reactive to threats. Indeed, plans for threat sharing centers were outlined in the Australian government’s $230 million cybersecurity strategy, indicating the local importance of collaboration.

The Road to Healthy Security

It was promising to see in the recent IBM Global C-Suite Study that over 50 percent of CEOs agree collaboration is necessary to combat cybercrime. The progression of open approaches, community development and code sharing are steps in the right direction. However, only one-third of CEOs expressed willingness to share their organization’s cybersecurity incident information externally.

This appears to be at odds with the broader technology sector, which is clearly benefiting from collaboration. According to a recent Linux Foundation study, 77 percent of business managers said that collaborative development practices have benefited their organization through shorter product development cycles and faster time to market.

The security industry is lagging when it comes to embracing an open approach. Open collaboration is critical for the evolution of security technology; for example, the IBM X-Force App Exchange enables the security community to easily create and share apps. By opening up a 700 TB database of threat intelligence data to the public, the X-Force Exchange allows companies across the world to share real-time data on threats and leverage each other’s expertise while remaining anonymous.

In some ways, security still feels like something dealt with in dark corners. A major hurdle standing in the way of a collaborative approach to cybersecurity appears to be trust; fear of IP violations and the threat of leaking valuable company information is a major deterrent for businesses. The tools and the market are ready, but the suspicious nature of companies, coupled with the ingrained attitude that cybersecurity is more responsive than preventative, is hindering organizations from taking part in security collaborations.

It may be some time before cybersecurity receives the same benefits from collaborative approaches seen in the wider tech industry. But collaboration can work. Let’s lift the lid on security and make it everyone’s problem.
