The UK’s National Cyber Security Centre (NCSC) recently warned that the cash-strapped third sector is increasingly at risk from malicious actors. With the number of security vulnerabilities reaching over 23,000 in 2022, the talent gap in cybersecurity widening and cyber criminals becoming more sophisticated, public sector organizations are struggling to keep up.
On the physical battlefield, soldiers share information in real time to gain an accurate view of the war zone and react accordingly. The key thing here is information, or data, exchange. So, why isn’t the digital war - that continues to rage on - using the same tactics?
The UK Government's National Cyber Strategy announced last year, with ‘defending as one’ at its heart, places a firm emphasis on an interdepartmental, data-sharing approach to shore up governmental cyber resilience. This approach must extend to the free flow of information with the private sector that has realistically more resources and a larger pool of talent. Yet, setting up an efficient, ever-evolving intersectoral collaboration may seem too time-consuming and complex without a clear starting point, so here’s what public and private organizations need to consider to map out an effective plan for winning the cyber war.
Data is cybercriminals' main target
Data is growing exponentially in volume. Naturally, the more data that is out there, the higher the number of ransomware threats that the private and public sector need to be prepared for. Businesses must protect their data as much as their infrastructure as it is at the heart of any organization, regardless of the sector they operate in. An in-depth defence plan is commendable but it’s ultimately futile if your key resource remains vulnerable. That is why both the public and the private sector need to concentrate their efforts to encrypt and protect data from possible threats. It is tempting to think that technology alone can solve this problem. And while there are tools available that are valuable to protection and recovery, it’s only one part of keeping data safe.
A data-sized hole in cyber warfare tactics
To date, the public and private sectors have lacked formal mechanisms for quickly sharing threat information, hampering the extensive and seamless collaboration needed to address a cybersecurity problem that keeps worsening. While it is common for CISOs to move jobs from one sector to the other and to use their previous experiences to support their current security teams, intelligence sharing still remains confined. Notwithstanding a close-knit network of CISOs and CIOs who share tips and tricks informally, other professionals remain in the dark about the current threat landscape.
All it takes is one person in your organisation to involuntarily expose your entire enterprise. That is why there needs to be a transparent and open flow of knowledge to a wider audience so that information is not siloed, everyone can be vigilant about potential cyber threats and know how to act in the event of an attack.
Sponsoring peer communities
Businesses and governments are already interlinked in their attempts to keep ahead of cybercriminals. You only need to look at examples of the recent Royal Mail attack, which saw the NCSC and the business working together to reduce its impact. And across the Pond, Biden’s newly announced Cybersecurity Strategy will focus on ensuring closer collaboration on cyber between government and industry. Whilst all of this is moving in the right direction in this regard, there’s more work to be done to create more intentional and systematic cross-sharing and learning from one another.
To kickstart the open flow of knowledge in the industry, both public and private organizations could sponsor a wider peer network for security experts (similar to the now common business leaders communities) that streamlines intelligence from private to public or vice versa and offers support. Gartner offers a Peer Connect network of business leaders that encourages the open discussion of trends and ideas, critical to business decision-making. So, why shouldn't there be similar intersectional initiatives for cybersecurity talent?
We are already seeing initiatives that foster collaboration through knowledge sharing. Public and private organizations in the UK can visit the National Cyber Security Centre (NCSC) website for guidelines, self-help tools and services that bolster their cyber defense, including examining their cyber security protection through the Cyber Assessment Framework (CAF) guidance. And in the United States, President Biden supported the Strengthening American Cybersecurity Act, calling for covered businesses to disclose ransomware payment to a federal agency in 24 hours or within 72 hours after the covered entity reasonably believes that a covered cyber incident has occurred.
Whether public or private sector, senior or junior professional, new to the game or not, open discussion and flow of insights is the key to robust cyber resilience going forward. With cyber incidents ever-evolving, those facing the attacks head first need to work as a team, supporting and learning from each other.