Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Reward Companies for Sharing Security Information with Greater Insight

“The good guys are reluctant to share for market reputational risk, or for legal reasons, or they don’t want to be seen too close to government, so the bad guys are winning the battle,” said Paul Kurtz (@TruSTARtech), CEO of TruSTAR, in our conversation at the Black Hat Conference in Las Vegas. “The good guys continue to operate by themselves, or enterprise by enterprise. It’s not working. It’s not scaling nor will it scale until they start working together.”

While there is information being shared, it’s ad hoc and it’s often stale, added Kurtz. If you don’t know who you’re sharing the data with, you may sit on it for a long period of time.

The mounting numbers of breaches don’t seem to be enough to get people to share.

“You have to incentivize people to share. If you share something and that incident data is correlated and they get something back and they say, ‘Oh, there are three other companies experiencing the same pain as me’ and then they can go and collaborate with those companies,” suggested Kurtz, “that’s when we’ll really have something special. We can’t just share because we all want to be good guys … We still need to give them something back for taking the time for sharing the data with others.”

Kurtz notes that whenever we fought adversaries in the past, whether it’s cancer, polio, Al Qaeda, or even Nazi Germany, we combined forces to have a greater understanding of the enemy.

As soon as we break down the artificial barriers around information sharing, said Kurtz, we can do much better.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.