Emerging threats encourage cooperation among security professionals
According to a new survey of attendees to this year’s Black Hat USA conference, concerns around emerging threats like ransomware and polymorphic malware have sparked a significant increase in collaboration by the cybersecurity industry.
The study by security management specialist AlienVault spoke to over 600 participants at the conference and found that for 43 percent, ransomware is their biggest security concern.
The second largest group, 31 percent, is most worried about polymorphic malware, which is able to adapt its appearance to avoid detection. In terms of ransomware, the biggest fear for most participants (38 percent) is being unable to prevent a future infection.
The changing threat landscape has fueled a significant increase in the public sharing of threat intelligence over the past two years. AlienVault has been tracking the sharing of threat data through surveys at security conferences worldwide since 2015. Two years ago, just eight percent of Infosecurity Europe conference participants, and 14 percent of those attending Black Hat USA, said that they publicly shared details about new threats they discovered. In the 2017 survey of Black Hat conference participants, this percentage is up to 17 percent.
"For years, security teams have perpetuated the myth that one can create an orderly, protective security bubble around an organization to keep the bad guys out," says Javvad Malik, security advocate at AlienVault. "But new and emerging threats are challenging this approach. Cybersecurity never stops, so it's vital that security teams pool their collective expertise by sharing threat intelligence. Spotting potential problems before they escalate is vital to minimizing future damage from cyber-attacks."
The results also indicate that security professionals are now trusting the threat intelligence available to them more than they did two years ago. In particular, the number of those who trust open source threat intelligence has doubled from 15 percent in 2015 (Infosecurity Europe participants only) to 31 percent of those surveyed at Black Hat 2017. This increased trust may be due by the proven ability of open source tools to respond quickly in the event of serious threats.
Malik adds, "The harsh reality is that no number of security systems can stop an attack; they can only reduce the risk. The severity of an attack is therefore determined by how quickly a company can respond to threats as they occur. When security teams can identify potential threats before they strike, it can save a company millions in costly damages to both revenue and reputation. Free tools are often the fastest to spot and identify new threats because they rely on the shared experiences of huge numbers of security teams around the world."
You can read more about the findings on the AlienVault blog.