As seen in the media on a regular basis, organizations are being breached in a variety of ways, and the sophistication of attacks ranges from basic to truly mind-bending. The simplest of these breaches are executed using methods organizations have known how to protect against for years, yet they still fail to deploy the proper countermeasures. With these much more intricate attacks, companies still would have been at risk, even with the best prevention methods in place.

However, by banding together and implementing a community defense to share information, organizations can achieve a number of important goals, such as detecting attacks at an early stage with a security information and event management (SIEM) solution, helping to reduce catastrophic events, providing insight on security risks and alerting others about which threats to secure against.

According to the latest IBM X-Force security research, vulnerability disclosures rocketed to a record high in 2014, and designer vulnerabilities such as Heartbleed and Shellshock revealed cracks in the foundation of underlying libraries on nearly every common Web platform.

Learning where your organization stands on the community defense curve and figuring out how to best leverage information sharing for your business needs should be a top security priority. The following are a few things to consider:

  • How information can be properly shared;
  • Current information sharing models that are available;
  • How information should be shared across sectors;
  • Minimizing privacy concerns while maximizing benefit;
  • Getting large-scale participation.

The next few years should be very interesting as defenders join forces to share security knowledge for the safety of their organization, customers and peers. What will the future hold for those who actively engage in information sharing and community defense?

Community defense best practices and strategies will be discussed in detail during a two-hour, information-packed session sponsored by the Financial Services Information Sharing and Analysis Center and Soltra at RSA 2015. Security community panelists and peers will address how to practice information sharing across industries and geographies, how to make threat intelligence actionable, the economics involved and how open standards such as the Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indicator Information (TAXII) will be used.

more from Intelligence & Analytics

Why Threat Analysis Will Continue to Play a Vital Role in Security

Today, the cybersecurity industry faces many challenges. Highly skilled attackers, a daily flood of data full of irrelevant information and false alarms across multiple systems come in amid a severe shortage of skilled workers. In this industry, performing detailed threat analysis with the data you already have will help protect your business. For that, you need threat analysts. These are…

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine

Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate "Trickbot group" has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine. Between mid-April and mid-June of 2022 the Trickbot group, tracked by X-Force as ITG23 and also known as Wizard Spider,…