Intelligent CISO Issue 39 | Page 42

Cybersecurity is a cat and mouse game and you must do everything right , whereas an attacker only has to find one mistake . just improving your organisation ’ s own security posture helps the community . For example , right now digital supply chain attacks are a concerning trend .
EXPERT OPINION
attack , there are several programmes and quantifiable options for sharing indicators of compromise and attack that can benefit the overall community ( such as public disclosure , bug bounty programs , work groups and more ).
There are also soft methods , like sharing information about your security efforts , challenges or breaches in a corporate blog or public advisory . The more help you can provide other companies in understanding and properly preparing for potential threats , the better .
And finally , if you don ’ t share threat intelligence or even anecdotal tips ,

Cybersecurity is a cat and mouse game and you must do everything right , whereas an attacker only has to find one mistake . just improving your organisation ’ s own security posture helps the community . For example , right now digital supply chain attacks are a concerning trend .

Almost all businesses have connections to other companies through partnerships or the products and services they choose to use . Because your security is sometimes dependent on these other companies and vice versa , simply improving your own organisation ’ s security can help all your connected customers .
Why is it important to share threat intelligence and security awareness ?
Threat intelligence ( TI ) – like who is attacking you ( or at least the IP addresses or domains of who is attacking you ) – is incredibly useful to others because often the same cybercriminals target multiple companies . The more TI the security and business community shares with each other , the more data everyone can add to their individual security controls . As far as security awareness goes , another company ’ s level of security may inadvertently affect yours , for example if you partner with a company and use their products and services .
Can you highlight some of the top protection strategies to avoid security incidents ?
Unfortunately , there is no cybersecurity ‘ silver bullet ’. The challenging part of security is that it requires a layered approach including many protection strategies , both technical and human . That said , there are three types of protections people should focus on today . First , organisations need modern advanced malware detection solutions . Some of the traditional ‘ antivirus ’ solutions still largely rely on reactive signatures ( patterns ) to detect malware .
Unfortunately , malware today is more sophisticated and evasive . Attackers
42 www . intelligentciso . com