“What came first, the chicken or the egg?” is a metaphysical mystery. One step right below that, at least in my opinion, is: Who controls the information technology security agenda? Do security solutions arise because vendors believe their technology is required, because users make demands or because the environment forces the issue?

Security for the IT infrastructure is critical in establishing a level of trust for Internet activities. Determining the most effective security measures for combating modern threats, however, is a difficult task that can muddy the waters.

IT Security Innovation

Two decades ago IT security simply consisted of antivirus, firewalls, passwords and patching. Attackers found ways to overcome those simple solutions, which resulted in vendors producing more advanced defensive technologies. Many types of security products have been developed since then, but cybercriminals eventually develop capabilities to circumvent or neutralize these defenses. Then the cycle continues.

Innovation continues to occur on both sides of the equation. The interplay between users, defenders, vendors and cybercriminals has fostered the creation of a varied and diverse set of protection solutions. But is it possible to predict what types of innovations will be coming next?

The Next Big Thing on the Agenda

When you have been involved in IT security for as long as I have, people ask you what the next big thing will be. Is there something on the horizon that everyone will be talking about in the next year or two? Regrettably, my answer is typically an unsatisfying “I don’t know — it’s up to the attackers.”

Where cybercriminals will next concentrate their efforts is unknown. They have the initiative. It is only after new attack techniques are causing damage that security solutions tailored to thwart them are created; the vicious cycle of act and react continues.

Getting Ahead of the Curve

I’ve begun to believe that we’ve turned the corner. Defenders are now moving in a direction that could take much of the security initiative away from the attackers. This change stems partly from the realization that attackers have an advantage because of how they operate: They receive a force multiplier when they collaborate.

By sharing targeting information, vulnerabilities and tools, malicious actors are more effective. Collaboration has been a key component in their ability to stay one step ahead because they are collectively finding ways to bypass new security technologies.

The next major innovation in security isn’t a specific tool but an evolving mindset that the protection side shouldn’t go it alone. Defenders have taken note and are now growing their ability to collaborate, to share knowledge and defensive tools in order to improve response to threats, to have a better understanding of what is being targeted and to improve insight into malicious operations.

Improving information sharing can foster a sense of collective defense and enable a more proactive defense. By pooling threat trends, especially along industry lines, early warning is possible. This knowledge can aid in pre-empting attacks through vigilance and adjustments, such as creating new firewall rules, embracing virtual patching or closely monitoring privileged access activities.

The Two Exchanges

IBM’s collaboration efforts encompass X-Force Exchange and the App Exchange. With X-Force Exchange, IBM has opened up 700 terabytes of threat and vulnerability data to security researchers. This vast collection of information enables specialists to rapidly research the latest security threats, aggregate actionable intelligence — which encompasses IP address and URL reputation, Internet application profiles and malware information — and collaborate with peers. All of this allows organizations to see the bigger picture.

X-Force App Exchange is a marketplace for the security community to create and share apps. Third parties can create applications that will allow specialized data to be analyzed, processed and reported. Eventually the program will be extended to other product lines.

With these initiatives and those still to come, the attackers will soon no longer be driving the security agenda.
