The implications of effective cybersecurity collaboration
The disruption caused by COVID-19 has made organisations turn to technology, enhancing cyber security systems and work effectively as a team
For years, cybersecurity was seemingly shrouded in mystery. Organisations were reluctant to show weakness, breaches weren’t revealed to avoid reducing end-user trust in services, and collaboration between those fighting against threat actors was almost non-existent. It resulted in a counter-intuitive form of status quo that made efforts to improve security more difficult, even though all these vendors were fighting the same fight.
That all changed following the disruption caused by COVID-19, which spawned the kind of cooperation we’ve never seen before. As everyone was shaken out of their comfort zone, it became clear the only viable path forward was to promote and prioritise consistent, transparent communication and teamwork across the cybersecurity community.
This teamwork was long overdue; effective collaboration is not only imperative to building resilience and protecting the people and organisations which rely on cybersecurity professionals, but isn’t as difficult as many within the industry originally thought. So as we begin to emerge from the other side of the pandemic, how can the security community ensure this collaboration continues, so they continue sharing best practice and continually improve their solutions and applications?
Taking a page from the open source book
The open source community is the pinnacle of collaboration, and has been for years. Software development has advanced rapidly thanks to the coming together of a diverse range of minds, experiences, and approaches. Disruptive and innovative solutions such as Docker and Kubernetes, for example – which were founded in open source – have become widely accessible to all, grounded in the notion that ‘no one can whistle a symphony; it takes a whole orchestra to play it’.
Its value and omnipresence can’t be stressed enough. A 2021 Red Hat report, for instance, discovered that 90% of IT leaders use enterprise open source today. Top use cases cited included IT infrastructure modernisation (64%), application development (54%), and digital transformation (53%), but the most revealing statistic was that 83% indicated they were more likely to select a software vendor that contributed to open source projects. This is clear evidence that a team mentality matters to those in charge.
The speed of attacker innovation is just one of the reasons security developers have become more reliant on sharing information openly. Securing applications is the first line of defence for an organisation, and disruption caused by those with malicious intent has to be cut through collaboratively to ensure this security. Developers and security experts need to discuss ideas and best practices openly, regularly seek advice and float suggestions – as is common in the open source community – if they are to build secure applications more quickly.
The community culture post-pandemic
A nimble and expressive community only enhances cybersecurity efforts, and must be paired with a willingness to learn from one another to give security teams the knowledge to fortify defences, especially as the threat landscape continues to shift and accelerate. Reducing our insistence on ‘proprietary’ information and removing gate-keeperism is a key part of this process, and many security teams that had embraced these behaviours prior to the COVID-19 pandemic saw their ability to respond to attacks at speed increase significantly as a result.
That said, the onset of the virus did pose a significant challenge to these new behaviours. Culture is such a huge part of secure software engineering, and thousands of developers and security experts were deprived of the ability to quickly brainstorm and bounce ideas off colleagues when it hit. To counter its impact, many developers, engineers and security professionals moved to online collaboration, and open forums. This community-centric approach has now become the ‘new normal’, challenging and shaping the more traditional development methods the industry had become accustomed to.
The emergence of a more collaborative environment has come with one caveat, however. The rapid and open sharing of information has led to many in the community posting their source code up for everyone to share and use. While this sharing is vital to securing applications, it’s important that no hard-coded security secrets are inadvertently uploaded or leaked in this process.
Final thoughts
Serious security breaches are commonplace in the current climate, and as attackers move ever quicker, the security community needs to ensure it moves at the same speed. Cybersecurity in itself is a constant exercise in navigating the disruption caused by threat actors, and security practices therefore need to be constantly reviewed, challenged and ‘disrupted’ (this time by the good guys) to ensure they are fit for purpose. Collaboration is key to this process: the more security teams can work together and rely on each other, the more the general security posture of UK businesses will improve.