Picture this: you’re working from home while many of your neighbors have gone back to the office. You get up from your desk for your first break of the day, hoping to steal a few minutes to heat up some leftovers. You’re waiting for the microwave countdown and glance out the window. Whoa! You happen to see a stranger across the street looking in your neighbor’s side window. What do you do?
First, you immediately notify your neighbor. As you’re on the phone, though, you see the stranger run to the next house across the street. Same thing: he’s looking in a side window. Now, suspicion immediately turns to alarm. Just as you’re dialing 911, the guy takes off fast. You finish your 911 call and then send an alert to your neighborhood social network group: “Guy in green shirt, Walnut St, peeking in houses.”
Then you check your own house: Front door, locked. Garage, closed. Deck door, locked.
In our personal lives, we are maniacally focused on how to best protect our families, and we turn to many layers of defense (often including a good guard dog, for instance). Fortunately, digital technologies have raised the capabilities of the old-school Neighborhood Watch approach to allow for a faster, broader-brush response to early indicators of suspicious behaviors or circumstances. Real-time collaboration and networking enable a Collective Defense approach to network security.
So why aren’t we adopting this same method in our professional communities? A highly secure cloud, the ability to anonymize threat intelligence, and crowdsourcing technologies are at our disposal to implement the cyber equivalent of a “community watch” program. There still is widespread reluctance to defend in this way, however.
The hesitation honestly confounds me. By not securing companies from unwanted cyber intruders, we continue to place digital valuables (e.g. intellectual property) and families at risk. And have you given some thought lately to what a cyber attack could do to the grid (extended black out), food supply (well beyond meat or candy corn) or even public safety (tainted water supplies or compromised nuclear facilities)?
I don’t mean to turn to fear tactics to make my point, but it’s clear that we must collectively apply the same level of vigilance to securing our networks of schools, industries, and public agencies as we do to our own homes and neighborhoods. Why? Because every year nation-state threat actors are getting more and more sophisticated and numerous (doubling over the last three years), and they are targeting multiple entities at once (e.g., SolarWinds). The current threat landscape exceeds any single company’s ability to defend itself. Attacks are so prevalent and advanced, why wouldn’t you put in extra measures for truly defense-in-depth security — that is, a cyber alarm system that gives you deeper peace of mind than just locks on your doors (i.e., endpoint protection or firewalls) should the cyber attacks break though these perimeters?
Even smaller companies with limited budgets can realize value from Collective Defense as the next-gen way to do cybersecurity, as they can benefit from seeing the same cyber radar view as larger, better-fortified companies. The larger companies benefit, too, because nation-state attackers often conduct “cyber target practice” on smaller entities, re-working their attack infrastructure before moving to their intended victims. All get the unique threat intelligence with situational context.
It all boils down to real-time visibility: the more you can see, the faster you can act, and the better you can defend. Like a neighborhood watch app, Collective Defense provides an early warning system of strange activity spotted on individual networks and collaborated across the participating ecosystem. When one organization is attacked, everyone gets alerted. Because of this shared defense, as National Cyber Director Chris Inglis has said, “You must beat all of us to beat one of us.”
We need a major mind shift, as General (Ret.) Keith Alexander has said, to make fundamental strides in transforming cybersecurity as we know it. At IronNet, we’ve laid the foundation for this new approach. Are you ready to move into our “cyber neighborhood”? I’d be happy to connect with you at RSA 2022, June 6-9, to discuss how you can get started.