By definition, an immune system is the network of biological structures and processes within an organism that protect it against disease. A weak immune system that cannot effectively fight off attacks is not just a threat to its host, but also to others surrounding it.

This concept can likewise be applied to cybersecurity: Organizations need to build a strong cybersecurity immune system in which various parts interact and work together to detect, prevent and eradicate breaches. To be effective, this immune system approach needs to operate at two levels, both internally in the organization and externally at a broader industry level.

The Need for a Better Immune System

Across the world, cyberattacks are becoming more intelligent, more regular and more coordinated. A UN study on cybercrime established that up to 80 percent of cyberattacks are driven by highly organized crime rings that share data and tools to launch sophisticated attacks on businesses across the globe.

This is where organizations need to not only identify current threats, but anticipate them before they happen and take preventive measures to avoid being breached. Think of it like regularly taking vitamins to support your health: Building a strong internal network that is resilient to sickness is far more effective than responding to an infection when it happens.

Download the white paper: Combat security attacks with global threat intelligence

To effectively stave off cyberthreats in this manner, organizations need to have an integrated end-to-end security operation and incident response system in place. The challenge often faced is the number of variables that need to be standardized. Businesses need to bring together security analytics, forensics and vulnerability management alongside incident response into a coordinated approach for enterprise threat protection, detection and reaction.

This level of defense is often difficult to achieve, particularly in organizations that don’t have specific departments or staff dedicated to security. As an example, ransomware aimed at the Australian health care industry, and more specifically at small suburban medical and dental centers, has been a prominent threat that our incident response team has been working on in recent months.

While internal security systems are crucial, there is a much bigger and far more powerful external problem: collaboration. External assistance is often used to provide support in health care, whether in the form of doctors, specialists or medical associations. Intelligence on diseases and their associated treatments are shared quickly after testing, leading to preventative measures such as immunization being taken to eliminate the risk of the disease spreading.

Collaboration on cybersecurity can help businesses stay on the front foot as opposed to remaining reactive to threats. Indeed, plans for threat sharing centers were outlined in the Australian government’s $230 million cybersecurity strategy, indicating the local importance of collaboration.

The Road to Healthy Security

It was promising to see in the recent IBM Global C-Suite Study that over 50 percent of CEOs agree collaboration is necessary to combat cybercrime. The progression of open approaches, community development and code sharing are steps in the right direction. However, only one-third of CEOs expressed willingness to share their organization’s cybersecurity incident information externally.

This appears to be at odds with the broader technology sector, which is clearly benefiting from collaboration. According to a recent Linux Foundation study, 77 percent of business managers said that collaborative development practices have benefited their organization through shorter product development cycles and faster time to market.

The security industry is lagging when it comes to embracing an open approach. Open collaboration is critical for the evolution of security technology; for example, the IBM X-Force App Exchange enables the security community to easily create and share apps. By opening up a 700 TB database of threat intelligence data to the public, the X-Force Exchange allows companies across the world to share real-time data on threats and leverage each other’s expertise while remaining anonymous.

In some ways, security still feels like something dealt with in dark corners. A major hurdle standing in the way of a collaborative approach to cybersecurity appears to be trust; fear of IP violations and the threat of leaking valuable company information is a major deterrent for businesses. The tools and the market are ready, but the suspicious nature of companies, coupled with the ingrained attitude that cybersecurity is more responsive than preventative, is hindering organizations from taking part in security collaborations.

It may be some time before cybersecurity receives the same benefits from collaborative approaches seen in the wider tech industry. But collaboration can work. Let’s lift the lid on security and make it everyone’s problem.

Sign up for a free trial of the IBM X-Force Exchange

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read