“What came first, the chicken or the egg?” is a metaphysical mystery. One step right below that, at least in my opinion, is: Who controls the information technology security agenda? Do security solutions arise because vendors believe their technology is required, because users make demands or because the environment forces the issue?

Security for the IT infrastructure is critical in establishing a level of trust for Internet activities. Determining the most effective security measures for combating modern threats, however, is a difficult task that can muddy the waters.

IT Security Innovation

Two decades ago IT security simply consisted of antivirus, firewalls, passwords and patching. Attackers found ways to overcome those simple solutions, which resulted in vendors producing more advanced defensive technologies. Many types of security products have been developed since then, but cybercriminals eventually develop capabilities to circumvent or neutralize these defenses. Then the cycle continues.

Innovation continues to occur on both sides of the equation. The interplay between users, defenders, vendors and cybercriminals has fostered the creation of a varied and diverse set of protection solutions. But is it possible to predict what types of innovations will be coming next?

The Next Big Thing on the Agenda

When you have been involved in IT security for as long as I have, people ask you what the next big thing will be. Is there something on the horizon that everyone will be talking about in the next year or two? Regrettably, my answer is typically an unsatisfying “I don’t know — it’s up to the attackers.”

Where cybercriminals will next concentrate their efforts is unknown. They have the initiative. It is only after new attack techniques are causing damage that security solutions tailored to thwart them are created; the vicious cycle of act and react continues.

Getting Ahead of the Curve

I’ve begun to believe that we’ve turned the corner. Defenders are now moving in a direction that could take much of the security initiative away from the attackers. The genesis for this change is partly a result of realizing that attackers have an advantage due to how they operate: They receive a force multiplier when they collaborate.

By sharing targeting information, vulnerabilities and tools, malicious actors are more effective. Collaboration has been a key component in their ability to stay one step ahead because they are collectively finding ways to bypass new security technologies.

The next major innovation in security isn’t a specific tool but an evolving mindset that the protection side shouldn’t go it alone. Defenders have taken note and are now growing their ability to collaborate, to share knowledge and defensive tools in order to improve response to threats, to have a better understanding of what is being targeted and to improve insight into malicious operations.

Improving information sharing can foster a sense of collective defense and enable a more proactive defense. Pooling threat trends, especially along industry lines, makes early warning possible. This knowledge can aid in pre-empting attacks through vigilance and adjustments, such as creating new firewall rules, embracing virtual patching or closely monitoring privileged access activities.

The Two Exchanges

IBM’s collaboration efforts encompass X-Force Exchange and the App Exchange. With X-Force Exchange, IBM has opened up 700 terabytes of threat and vulnerability data to security researchers. This vast collection of information enables specialists to rapidly research the latest security threats, aggregate actionable intelligence — which encompasses IP address and URL reputation, Internet application profiles and malware information — and collaborate with peers. All of this allows organizations to see the bigger picture.

X-Force App Exchange is a marketplace for the security community to create and share apps. Third parties can create applications that will allow specialized data to be analyzed, processed and reported. Eventually the program will be extended to other product lines.

With these initiatives and those still to come, the attackers will soon not be driving the security agenda.
