Data and public-private partnerships are the future of cybersecurity

Cybersecurity attacks and incidents like the SolarWinds attack and rampant ransomware have become household names, recognised by security professionals and boardrooms alike.

Supply chain attacks, ransomware and ubiquitous phishing campaigns are now all but commonplace.

In 2021, the FBI reported that internet crime had caused nearly $7 billion in losses. In the UK, 18 ransomware incidents required a nationally coordinated response in 2022 alone. During the third quarter of 2022, approximately 15 million data records were exposed worldwide through data breaches.

The fear of catastrophic vulnerabilities and nation-state-backed threats now loom over nearly every industry.

The scale and sophistication of cyber threats make sense. As organizations continue to enhance their defences, attackers also push the boundaries of innovation and scale, fuelled by the lucrative nature of ransomware, automation, theft of intellectual property and business email compromise.

Cybersecurity is now more essential to our future than ever before. It's the line of defence for virtually everything we rely on today: financial services, healthcare, travel, personal information and identity. Keeping all of that secure is getting harder and more complex, which is why many organizations are turning to two key strategies in the fight against cyberattacks: data and partnerships.

The reality is that security is a data problem. The cyber threat landscape is constantly evolving, squaring us off against creative and well-funded bad actors. IT architectures are becoming increasingly complex, particularly through the utilization of hybrid and multi-cloud environments. On top of that, security teams are bogged down by time-consuming manual processes, against constantly new novel attacks, with little to no time to be proactive. Furthermore, the number of tools, apps and systems used inside organizations continues to proliferate, creating an explosion of siloed data that’s led to inefficiencies and blind spots.

Security teams contend with a lot and have immense responsibility, and CISOs (Chief Information Security Officers) are now paramount to the entire organization. The most powerful lever organizations have is to gain insights and take action by using all of their data from across IT systems, apps and infrastructure. Doing so unlocks the ability and information needed for security teams to respond swiftly to threats and disruption. It also lays the foundation of cyber resilience by hardening their security posture for the future to respond to, recover from and even prevent cyber threats faster and more efficiently.

Cybersecurity is now on everyone’s mind — and it must be on shared agendas. This is where partnership is the critical factor.

Cross-sector collaboration can be a game changer for those working to keep cyber threats in check. Over the course of many years, there has been a lot of discussion about public-private partnership, including in cybersecurity. But it has been a lot easier to talk about than to actually enact on a widespread basis. Priorities and incentives have been difficult to align, and bringing parties together is a complicated undertaking.

However, recent events have brought into sharp focus that the only way we are going to address cybersecurity threats is through active partnerships between the private and public sector. Doing so successfully will bring to bear the best of both worlds on problems that impact everyone.

Tech companies like Splunk have powerful enterprise-grade security capabilities that can help turn the tide on the complexity of the cyber landscape. Solutions born in tech companies can help remove barriers and streamline data-sharing across government agencies. At the same time, governments bring crucial knowledge and context to help make sense of the threats and data — and can help elevate the topic in the highest-level agendas.

One powerful example of public-private partnership is the US Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC), which is driving collective action in the cybersecurity community. The JCDC is a place for defenders from the public and private sectors, including Splunk, that are united by common goals to proactively gather, analyze and share actionable cyber risk information.

The war in Ukraine is another important example of collaboration, with the private sector working with organizations both inside and outside of Ukraine to strengthen defensive cyber postures against nation-state cyber-attacks and other malicious activity. There are already cybersecurity lessons from the war in Ukraine that can inform how we bring the right perspectives around the table.

Looking back at Log4Shell — a vulnerability that put at risk up to 93% of cloud environments, threatening the spread of private data and information — the entire world benefited from private-public partnerships working together to stop a bad situation from getting worse.

That was possible thanks to a neutral forum where vendors and government could share information quickly and privately without competitive advantages, empowering them to share fast and often. The US government acted as a clearing place for accurate and timely information, where customers of vendors and constituents of government agencies could turn to for up-to-date information on Log4Shell.

As more cyber threats inevitably challenge our overall cyber resilience, we’ll need more collaborations like the JCDC and our collective response to Log4Shell to halt the bad actors where and when they arise. Businesses and governments working together with mutual priorities and the right incentives must be the norm, not the exception.

At the same time, we’ll also need international cooperation facilitated by organizations like the World Economic Forum, which provide the opportunity to share knowledge and forge long-term commitments and global collaboration across business, civil society and government in pursuit of a shared goal.

Our adversaries are not limited by borders — and neither should we be. We must not limit our ability to create new partnerships and instead work to demonstrate that we can and will make the digital world safer and more resilient for everyone.