Competing businesses encouraged to share incident data as the attackers do

News by Dan Raywood

Sharing information between different sectors will help protect companies from attacks.

Sharing information between different sectors will help protect companies from attacks.

Speaking to SC Magazine, Tal Be'ery, web research team leader at Imperva, said that sharing information within a sector is more effective than sharing generally.

He said: “They [should] share between themselves and know about attacks and experiences; the attackers have the same rules when it comes to assessing attacks as they want the best return on investment on a tool.

“People are getting attacked, so sharing information and data with others is really important and really helps the defence side. Sharing characteristics can really help in the defence of an attack.”

According to the Imperva web application attack report that was released this week, some businesses reported a maximum of 3,006 attacks during a six-month period. Be'ery said that if attack characteristics are better shared, then victims will know what an attack looks like and know the source of the attack.

“With technology such as Big Data analytics, you can automatically determine a security threat and share it with others,” he said.

“You can use it as you need to, as you have got to share as it is important to acquire intelligence. You can also identify malicious traffic without investing resources in seeing what the traffic is doing.”

Asked if businesses could share with confidence that incidents would not be exposed and undermine their reputation, Be'ery said that when choosing sharing software, you need to make sure that you are not disclosing private details of users.

He said: “If it is not anonomised, you need to be careful not to share as the impact that can have is as bad as it ending up with the attackers.”

Imperva launched the ThreatRadar Community Defense crowd-sourced threat intelligence service earlier this year to aggregate and validate attack data.

Responding to a call from a CISO for vendors to better share intelligence between themselves, Imperva CTO and co-founder Amichai Shulman said that as Imperva sees the value in sharing threat data between customers of the same vendor, it makes sense to aggregate shared threat data from different, competing vendors.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews