Costly cyberattacks are prompting info-sharing among preyed on firms

The SolarWinds cyberattack cost affected companies in key sectors 11% of their annual revenue on average, according to IronNet Cybersecurity.

IronNet commissioned independent research firm Sapio to survey 473 IT security decision makers in the technology, public services, financial, and utilities sectors across the United States, the United Kingdom, and Singapore. 

Their 2021 Cybersecurity Impact Report report revealed that while 92% of respondents express confidence in their current security technology stack, attackers are still evading traditional defensive technologies. 

Nearly half of respondents cited a rise in cyber incidents in the past 12 months, in part due to the increasing sophistication of attacks. 

What is helping, however, is information sharing. Responses revealed positive effects of cyber-related information sharing on an organisation’s overall cybersecurity posture.

Among respondents, 90% indicated that the security posture of their company has improved over the past two years. Also, 72% of companies that have increased information sharing with industry peers report their overall security posture has improved over the past two years. 

Even then, respondents indicated that there are still obstacles that limit collaboration among industry peers — concerns about data privacy and liability (53%), the lack of an automated or standard mechanism to share information with peers (34%), and the fact that shared information is not timely or relevant by the time companies receive it (33%).

Keith Alexander, founder and co-CEO of IronNet, said, organisations are clearly struggling to keep up with the volume and impact of cyberattacks coming from well-funded and well-organized nation states. 

“We believe that the main reason for this is that every organisation is still trying to battle these attacks individually, when they should be working together to create an exponentially stronger defense,” said Alexander.

He said sharing and operationalising attack intelligence through a Collective Defense model provides that automated, real-time solution that is missing in the market, and can be done securely, using anonymised data. 

This is the only way to ultimately shift the balance of power away from the attackers,” he said. “Fortunately, our survey data shows that organizations are starting to increase their information sharing and are seeing benefits from doing so. This is a positive signal towards the adoption of Collective Defense.”

Through the Collective Defense model, IronNet is taking information sharing and collaboration to a new level by enabling anonymised, real-time threat sharing to maximise visibility into the attack landscape and minimize impact on an organisation’s operations.