Collaborate to ‘Defend as One’
At the annual techUK Cyber Security Dinner, the key stakeholders of UK Cyber will connect to discuss the big topics and new developments. The UK Government Cyber Security Strategy 2022 to 2030 published a structure that brought clarity in its principles but also introduced the overarching aim to: Defend as One. This blog will explain why collaboration is growing in the UK Cyber Security Sector, why our sector needs to ‘Collaborate to ‘Defend-as-One’ and offers recommendations for better efficiency in both the Private and Public sectors.
Why ‘Defend as One’ makes sense as a UK theme is obvious to most: it unifies our purpose as a sector. In the high pressure of sales or network configurations we often forget that our job protects people, data and devices everywhere, every day. We can all act alone but from the natural world to engineering, combining effort can mean efficiency or even survival. At all levels in the strata of cyber security, collaboration trumps isolated action and this becomes clear to an observer in the highest, strategic levels.
The best example of strategic collaboration, but perhaps least known, is the Cyber Threat Alliance (CTA). Rather than working in isolation, the lead cyber security vendors talked and founded CTA for wise collaborative reasons. Fortinet, McAfee, Palo Alto Networks, and Symantec were soon joined by Check Point and Cisco as the alliance founding members. Together, these six Alliance members have developed a new, automated threat intelligence sharing platform to exchange actionable threat data. This golden thread of global threat intelligence feeds all the global security requirements and, most of the time, keeps the world safely ahead from those who wish to do electronic harm to others.
At national level, collaboration also benefits the public–private sector relationship and helps keep nations safe and up to date with such a fast-paced market. UK Government and industry collaborative efforts in cyber are increasingly important to our progress and ability to ‘Defend as One’. The techUK led Cyber Management Committee (CMC) allows a coherent industry view to support government on national cyber security. Collaboration also helps the economic effort here with one example of many being techUK & DSIT’s Cyber Growth Partnership (CGP). This provides innovation and weight to schemes to spark additional growth that would not be possible from government alone. Across government other Industry Working Groups also assist several departments from MOD to DESNZ; all are ensuring the Defend as One principle turns from strategy to action.
With strategic and national collaboration bearing fruit, we could ask does intra-Industry collaboration happen sufficiently? The answer from most is probably: ‘not enough’. Why is that? When we examine more mature Business Sectors, such as Construction and Energy, there is a different culture to collaboration to that which we see in the relatively young Cyber sector. In such a new sector, cyber security tenders are often competed for by actors working one versus all in strict isolation. If any partnering is done, it is in a vertical ‘north-south’ supply line. However, when one looks across to other more mature Sectors more ‘East-West’ or ‘horizontal’ collaboration is seen as a natural option; not continuously used but always on the table. With sector longevity comes years of hard-won experience and relationships built out of mutual respect. Deal-making then becomes more of an art by personal relationships than a science of words, prices and compete-or-fail. Is commercial collaboration by former rivals yet seen in our relatively nascent sector? The good news is yes. There are early, positive discussions between rivals now to look at how a joint approach might serve businesses, the nation and its cyber security better than repeated ‘head-to-head’ competitions. This will be a growth area in the decade ahead – it is a natural part of sector maturity in business cycles. So, if you are not a collaborator you will soon learn or be persuaded to be one! Even in the drive for skills companies are collaborating more than before and the Fortinet & TechVets partnership uses synergy to help bridge the skills gap.
The UK Defend as One mantra is being enhanced by strategic, national and business collaboration. These are positive steps towards collective progress but it requires energy from us all ahead. After all, as the old proverb says, a ‘problem shared is a problem solved’.
Author: Chris Parker MBE, Director Government, Fortinet