In today’s cyber landscape, threats move and change faster than ever, making a quick and effective response to a potential intrusion critical. But, according to EY’s latest Cyber Threat Intelligence Report, 36 percent of companies surveyed report that it’s unlikely they would be able to detect a sophisticated attack.

To help solve this problem, cybersecurity experts often look outside their own organization for intelligence to help them diminish a cyber attacker’s advantage. The fact is, the only way to really change the game in cybersecurity response, and even threat prevention, is to understand how the adversary works, what their end goal may be, and to predict where they might go next. Unfortunately, this battle is nearly impossible to win alone. It requires intelligence from a variety of sources, with the power of the crowd being an integral piece of the puzzle.

Connected Communities
Crowdsourcing intelligence in cybersecurity means connecting a community of similarly trained, like-minded, and trusted individuals and organizations to solve the problem of a specific threat, adversary, or industry target. There are some amazing organizations leading the edge in threat intelligence sharing and collaboration such as The Arizona Threat Response Alliance, Inc. (ACTRA). ACTRA is a hub for collaborative cyber information-sharing between partners, industry, academia, law enforcement, and intelligence. It’s a prime example of how cyber information sharing across industries can help all the organizations involved analyze critical, real-time data in a quick, neutral, and cost-effective manner. In this case, ACTRA’s crowdsourced threat sharing enables more effective responses to cyber threats across Arizona’s critical infrastructure and key resources.

[Check out the two-day Dark Reading Cybersecurity Crash Course at Interop ITX, May 15 & 16, where Dark Reading editors and some of the industry's top cybersecurity experts will share the latest threat intel trends and best practices.]

While threat sharing is occurring to a certain degree today through open source tools and even across a handful of industry groups, there is still much room for improvement to create truly crowdsourced threat intelligence sharing. Threat intelligence sharing as we know it today is hindered by manual tracking and analysis, as well as ineffective sharing models, analytic standards, and reporting vehicles that don’t disseminate accurate and actionable intelligence in a timely manner.

So, how can more organizations overcome the obstacles to sharing – and most especially the constraints on time? Here are three industrywide approaches that can grease the wheels for sharing:

It wasn’t so long ago that you couldn’t go a day without seeing an article on how the secret to getting ahead of cyberthreats was sharing. While in theory that worked, it didn’t go very far. It was all just too hard. But, crowdsourcing threat intelligence - gathering it all in one place, leveraging analytics to process it and using orchestration to share it further - has real potential to make this a reality.

Related Content: