As attacks surge, partnerships help vendors, customers keep up

Surging volumes of ransomware and other malware have made collaboration between security vendors an unavoidable requirement and transformed the vendor-customer relationship in the process, according to a senior Intel Security executive who flagged the value of the company's recent push to extend and tighten its threat-intelligence partnerships.

“Attacks are coming faster and harder than they have ever come before, and customers feel they don't have the ability to operate and move with the agility they need,” Intel Security senior vice president and general manager Chris Young told CSO Australia, noting that vendors had similar issues in keeping up with the flood of ransomware. “We've had to rethink our strategy.”

The attack threat continues to expand even as the nature of the threats ebb and flow: new figures from Infoblox's DNS Threat Index, for example, found that the creation of malicious domains increased by 75 percent – driven by four major exploit kits – during the third quarter of 2015 alone. That company's DNS Threat Index was up 19 percent on the same period a year ago.

Partnering to share threat-intelligence information had filled in gaps in the industry's collective knowledge and paved the way towards a better overall security posture within the corporate environment, he continued, noting strong benefits already achieved from the company's recent Cyber Threat Alliance (CTA), an industry partnership that unites Intel Security with Palo Alto Networks, Fortinet and Symantec.

“Attackers are building so many variants of ransomware right now that it's very hard to operate in a silo,” Young said. “That's what we have done with the CTA as well as continuing to invest in our own threat research and intelligence, and that has been quite valuable for customers.”

Many other security vendors “are trying to go it alone, and to suggest that if customers buy their product they'll get a better result,” said Young, referencing Intel's efforts to not only integrate the acquisition of security giant McAfee but to also leverage the company's extensive systems-management expertise.

“We recognise that most customers have a diverse set of products and tools in their environments, and we want our products to be the foundation they need to get it to all work together.”

The partnership mentality had not only united security vendors around a common cause, Young said, but had been transforming the way that Intel Security works with its customers: “The times where you could make products, get the customer to the sale and move on are over,” he explained.

“Customers are saying that they want us to be a security partner, not just a tools vendor. They need us to become extensions of their businesses; if they don't, they are going to be less able to deal with the diversity and intensity of the attacks coming in their direction.”

Read more: Brand-monitoring tool bridges business-IT security divide by ferreting out shadow-IT, phishing knockoffs

Want to know more?

Why not become a CSO member and subscribe to CSO's mailing list.

Get newsletters, updates, events and more right here.

Read more: The week in security: Windows servers, iOS, Macs softer targets than you want to believe

Join the CSO newsletter!

Error: Please check your email address.

Tags Intel securityFortinetsymantecChris YoungCyber Threat Alliance (CTA)threat-intelligence partnershipsransomwaremalwareCSO Australia

More about CSOCustomersFortinetInfobloxIntelIntel SecurityPalo Alto NetworksSymantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place