Addressing Cybersecurity Challenges Through Collaborative Solutions

In the realm of cybersecurity, a significant problem persists: most companies attempt to tackle issues independently or through purchased products that only address a subset of issues, primarily focusing on detection rather than prevention, not from a lack of trying. They patch vulnerabilities, block malicious websites, and perform repeated tasks, leading to frustration and overwork among their Vulnerability Management (VM) and Security Operations Center (SOC) analysts. These professionals often become disillusioned with the monotonous work and either leave for vendors to try to "fix" the problem or continue in a cycle of redundancy. This article advocates for a collaborative approach to solve widespread cybersecurity issues efficiently and effectively, emphasizing the critical business risks and costs associated with cybersecurity breaches.

The Power of Collective Solutions

Historically, some of the most pressing security problems have been resolved at their base or root cause by specific companies or platforms implementing changes that benefit the entire world. Here are a few notable examples:

• Address Space Layout Randomization (ASLR): When Microsoft incorporated ASLR into its operating systems, it significantly reduced the number of vulnerabilities related to buffer overflows. This change didn't require a massive overhaul of software worldwide; it provided immediate security improvements for most applications, making previously exploitable code either impossible or much more difficult to exploit. This proactive measure saved countless companies from potential breaches and the associated costs.
• Java Exploits in Browsers: Java was once a popular target for attackers due to its multiple paths to code execution. However, when major browsers like Mozilla Firefox, Google Chrome, and Microsoft Edge removed Java support, the threat diminished substantially or in most cases was completely removed. This allowed security professionals to prioritize other vulnerabilities, reducing the overall burden on patching Java on endpoints. Many breaches were averted due to this collective action.
• GitHub's Dependabot: GitHub's implementation of Dependabot, which scans public repositories for known vulnerabilities and automatically creates pull requests or issues to address them, has streamlined the process of fixing security issues. This proactive approach has made it nearly seamless for developers to maintain secure codebases. Dependabot's automatic vulnerability management has saved countless hours and reduced the risk of financial loss due to security breaches.
• SIM Swapping Protections: This is a particularly perfect example where the only recourse for most companies is to completely remove the use of SMS or other cellular-based Multi-Factor-Authentication (MFA) as there aren't any preventative or detective controls they can put in place to solve the issue themselves. They have to rely on carriers to solve it.

The Business Risks and Costs of Cybersecurity Breaches

The financial implications of cybersecurity breaches are staggering. According to IBM's 2021 Cost of a Data Breach Report, the average cost of a data breach is $4.24 million, an increase of nearly 10% from the previous year. For businesses, this includes direct costs such as fines and remediation, as well as indirect costs like reputational damage and loss of customer trust. High-profile breaches have demonstrated the severe financial impact, with companies like Equifax, Target, and Marriott facing multi-million dollar fines and settlements.

A Call for Global Collaboration

These examples highlight the effectiveness of centralized solutions in addressing widespread cybersecurity challenges. To build on these successes, we propose a more global approach to cybersecurity, bringing together companies and organizations to address issues that have reached an epidemic scale. This collaboration could be led by a U.S. government body like the Cybersecurity and Infrastructure Security Agency (CISA), a non-profit organization, or an international consortium similar to NATO.

Facilitating Anonymity and Transparency

For this approach to work, there must be a mechanism for security auditors and penetration testers to anonymously submit common findings. This system would allow common vulnerabilities to surface, enabling the collaborative body to prioritize and address these issues efficiently. Establishing such a system would be complex, likely requiring new certification processes and legal agreements, but it is essential to identify and address global cybersecurity threats effectively. SEC 8-K filings and breach reports from entities like Verizon could also provide valuable insights.

Conclusion

By fostering a culture of collaboration and centralizing efforts to address cybersecurity threats, we can create a more resilient and secure digital landscape. It is time to move beyond isolated solutions and embrace a collective approach that leverages the strengths of various stakeholders to protect our global digital infrastructure. For businesses, this means mitigating the financial risks associated with cybersecurity breaches and ensuring long-term operational stability and trust.