Michael Figueroa “Lessons Learned in Building Collaborative Cyber Defenses” at Northeastern
Independent Executive Cybersecurity Advisor Michael Figueroa presented at Northeastern University on Tuesday, October 15. An executive security advocate, his presentation focused on the challenges businesses face in the cyber-security world and how a strong collaborative defense can help mitigate those issues.
Figueroa spoke about the numerous issues the formal governance of cybersecurity can cause for businesses. A traditionally collaborative community, computer scientists have relied on forums, group chats, private servers, and even magazines to learn new code and operations. However, corporate non-disclosure policies often prevent cyber-security teams from seeking advice from outside of the company, limiting the opportunity to learn about new threats and how to treat them. This allows damage to propagate easily; many organizations and institutions in a community may suffer from the same indiscriminate cyber attacks, but without communication about the issue, they cannot prevent the spread of further strikes. Furthermore, this vulnerability may run along the supply chain, impacting vendors, partners, and customers. Additionally, the generalization of security roles paired with the inability to communicate with others has left many security specialists overworked and without the key knowledge needed to handle incoming assaults.
The findings of the Advanced Cyber Security Center’s Collaborative Defense Simulation Test, a multi-organization crisis response study commissioned by Figueroa, indicate that organizations depended on their own resources to handle attacks, regardless if other organizations had the resources to better respond to the issue. Additionally, they did not communicate to the community, including down their supply chain, in order to avoid a public victim-assignment. This led to the cybersecurity teams using personal back-channels and public channels on Slack, an instant-messaging platform, to consult with each other.
Figueroa strongly advocated for cyber defense coalitions between organizations and domestic leadership to organize data sharing both between organizations and within the government. When cybersecurity teams are permitted to share information, not only will they be able to learn how to properly defend from an ongoing attack, but share much-needed resources and create a proactive system of defense. By collaborating, attacks on a community can be dealt with on a unified front and help other organizations create more resilient systems that will help prevent similar offenses in the future.
Sources and Further Reading
ACSC: Collaborative Defense – An Agenda for the Next Five Years