Craig McDonald 06 May 2016 13:08:59 AEST 2 MIN READ

Breaking through the culture of denial: Why businesses need to begin sharing threat intelligence with one another

There’s an elephant in the room that businesses are reluctant to address. 

Prime Minister Malcolm Turnbull recently announced the $230 million Cyber Security Strategy and referenced the ‘culture of denial’ that has existed amongst business and governments alike when it comes to cyber attacks.

The need for closer collaboration within industry when it comes to sharing threat intelligence is not just justified but absolutely critical to protecting the state of the nation in the long run.

Businesses are naturally reluctant to talk about their experience with cyber security incidents. In 2014, 693,053 Australian businesses experienced a cyber crime but only 11,703 reported a cyber incident. A recent Small Business Guide from the Australian Government stated that '60% of businesses that experience a cyber attack go out of business within six months of the incident.'

These are staggering statistics and it's long overdue that the Government and the business community acknowledge the extent of what is a rapidly escalating problem.

A skilled and determined cyber criminal can use multiple entry points and vectors to penetrate your defenses, gaining access to your network in minutes and avoiding detection - possibly for months. From cybercrime networks seeking personal financial information and IP, to state-sponsored attacks designed to compromise infrastructure and acquire sensitive data, today’s sophisticated cyber criminals can bypass cyber security efforts and cause material damage to your organisation.

But why would business alert other businesses - and in some cases their competitors - when their security has been breached?

It’s about ensuring the security of the entire ecosystem. Threat intelligence sharing does not mean that businesses need to share their most trusted secrets with one another, but it is in everybody’s interest to share information if and when you are the victim of a cyber attack or when a particular incident raises a red flag.

Collaboration amongst peers within industry is also critical if we are to stay ahead of new threats as they’re evolving.

An industry that does threat intelligence sharing well is the banking industry. In a recent interview with iTWire, Adam Cartwright, Head of Cyber Security for ANZ Bank said, "The banks are very aligned on this. We pick up the phone and talk to each other. We have a deliberate policy of sharing indicators of compromise. That doesn't mean when I pick up the phone I have to tell the other bank what's going on, in fact I don't, but I do pick up the phone in an incident and say 'you might like to look at this.'”

On the international stage, the recently established Canadian Cyber Threat Exchange will ‘provide its members and the general public with analysis of cybersecurity issues and act as a point of contact for cyber information-sharing organizations in other countries.’ It remains to be seen how successful this initiative will be but it’s undoubtedly a step in the right direction and Australia would do well to take notice of both the successes and failures of the international community, as well as sharing our own experiences in the interest of building international solidarity.

If Australia is to prosper in the long run, national and international collaboration is key to protecting both our business interests and the state of the nation. It will be the difference between Australia being the ‘Lucky Country’ and our luck running out.


Craig McDonald is the CEO and founder of MailGuard, a leading Australian technological innovator providing complete enterprise-grade protection against email and web security threats such as phishing and malware, spyware, viruses and spam


^ Back to Top