GUEST ESSAY: Data poverty is driving the growth of cybercrime – here’s how to reverse the trend

By Robert Panasiuk

Data poverty is real and it’s coming for your user accounts.

Related: Credential stuffing soars due to Covid-19

The current state of data in cybersecurity is a tale of The Haves and The Have-WAY-mores. All tech companies have data, of course, but the only data that’s truly valuable and provides insights—actionable data—isn’t as universal as it should be.

This “data poverty,” or dearth of actionable insights, is a problem for companies across many verticals. Cybersecurity should not be one of them. The sentinels working to prevent the next SolarWinds breach need all the Grade-A data they can get, and fast. Data democratization, on a privacy-compliant basis, is the only way they’ll get it.

The simple truth is that no cybersecurity company can compete with the data stacks of the FAAMG behemoths, which is why cybercrime is seeing a 63 percent boost over the past year.

It’s time to take steps to democratize data and fortunately there are examples of what this looks like in other industries that show how competing security outfits can link arms and still remain competitive.

Why can’t we be friends?

“Coopetition”—competing companies working together and sharing information—is not uncommon across other industries. Casinos trade intel on card counters. E-tailers partner with physical stores to increase their brick-and-mortar presence. Rival software companies exchanging data can involve more red tape, but fundamentally the information they share achieves the same goals: making more money and ensuring their customers receive the best possible service.

Take adtech, a vertical in which contending platforms have successfully shared data for years. In fact, running an effective ad campaign for a brand often requires collaboration by 5-10 vendors or more (attribution, analytics, brand safety, etc.). Another industry where shared actionable data between competitors is the norm—and possibly a matter of life or death—is healthcare. The exchange of patient data between healthcare providers enables doctors to make optimal treatment recommendations and promptly treat severe ailments.

Panasiuk

Teeming with shared, actionable data is the financial services industry. Around 15,000 businesses in the financial sector are members of the FS-ISAC (Financial Services – Information Sharing and Analysis Center): a consortium of competing banks, payment processors, insurance companies, and others that discuss how to safeguard their respective institutions and customers. From what? Cybercrime.

So why aren’t cybersecurity companies, the mitigators of cybercrime, doing the same?

Cybersecurity insecurities

Sure, opposing cybersecurity organizations share some data, but these trivial generic observations won’t mitigate account takeover and new registration fraud. The most obvious reason for bogarting useful data is competition—fear of giving their fellow cybercrime fighters an advantage—though careful consideration of which data to share would negate this risk, and possibly shield all companies involved (and their customers) from a future attack.

However, cybersecurity leaders don’t always have a choice in the matter. Sometimes novel-length contracts hamstring such efforts, deploying months of carefully worded legalese to prevent the sharing of proprietary data sets.

In other instances, keeping data in-house is a reputation play. It’s understandable if a cybersecurity company is wary about disclosing info related to a hack that outsmarted their defenses. You also can’t blame them for dreading the four-letter data privacy acronyms and other government-sanctioned regulations that carry hefty fines if a violation is revealed.

The reasons for cybersecurity companies to not share practical data beyond commodity threat intel may seem numerous, but the collective weight of those reasons is ultimately negligible.

Sharing timely and functional behavioral data on cyberthreats can only benefit all of the vendors working to neutralize bad actors. No cybersecurity vendor is omniscient. Working together to share actionable data, exchanging a common currency, could help stop a colossal breach and ensure Company A covers Company B’s blindspots and vice versa.

Stronger together

As Head of Product at a cybersecurity company, I see how fraudsters band together to compromise users and steal information, goods, and assets from our customers.  With identity fraud cases doubling from 2019 to 2020, and other types of threats on the rise, sharing actionable data is the only solution which will allow us to curb the damage and mount a coordinated defense against bad actors. And it’s good business.

How do we get more vendors to join the (actionable) data-sharing potluck? Some help from the top could stabilize, and perhaps curb, instances of identity fraud. CISA (Cybersecurity and Infrastructure Security Agency), regulators, and other organizations could offer more incentives to share data related to account compromise, and amend restrictions that do the opposite. Otherwise, the competitiveness among vendors could be challenging to overcome.

Every cybersecurity vendor suffers from data poverty to some degree. Idealistic as the solution may be, exchanging actionable data carefully, compliantly, and expeditiously—before a threat gets out of hand—is what Deduce is set up to do, and I hope others can follow suit. A rising tide lifts all boats, and right in front of us, waving its hand, is a platinum opportunity to keep all of our customers above water.

About the essayist: Robert Panasiuk is vice president of product at Deduce, which supplies the Deduce Identity Network, a platform designed to provide companies of all sizes real-time suspicious login alerts.

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone