As attacks surge, partnerships help vendors, customers keep up

Surging volumes of ransomware and other malware have made collaboration between security vendors an unavoidable requirement and transformed the vendor-customer relationship in the process, according to a senior Intel Security executive who flagged the value of the company's recent push to extend and tighten its threat-intelligence partnerships.

“Attacks are coming faster and harder than they have ever come before, and customers feel they don't have the ability to operate and move with the agility they need,” Intel Security senior vice president and general manager Chris Young told CSO Australia, noting that vendors had similar issues in keeping up with the flood of ransomware. “We've had to rethink our strategy.”

The attack threat continues to expand even as the nature of the threats ebb and flow: new figures from Infoblox's DNS Threat Index, for example, found that the creation of malicious domains increased by 75 percent – driven by four major exploit kits – during the third quarter of 2015 alone. That company's DNS Threat Index was up 19 percent on the same period a year ago.

Partnering to share threat-intelligence information had filled in gaps in the industry's collective knowledge and paved the way towards a better overall security posture within the corporate environment, he continued, noting strong benefits already achieved from the company's recent Cyber Threat Alliance (CTA), an industry partnership that unites Intel Security with Palo Alto Networks, Fortinet and Symantec.

“Attackers are building so many variants of ransomware right now that it's very hard to operate in a silo,” Young said. “That's what we have done with the CTA as well as continuing to invest in our own threat research and intelligence, and that has been quite valuable for customers.”

Many other security vendors “are trying to go it alone, and to suggest that if customers buy their product they'll get a better result,” said Young, referencing Intel's efforts to not only integrate the acquisition of security giant McAfee but to also leverage the company's extensive systems-management expertise.

“We recognise that most customers have a diverse set of products and tools in their environments, and we want our products to be the foundation they need to get it to all work together.”

The partnership mentality had not only united security vendors around a common cause, Young said, but had been transforming the way that Intel Security works with its customers: “The times where you could make products, get the customer to the sale and move on are over,” he explained.

“Customers are saying that they want us to be a security partner, not just a tools vendor. They need us to become extensions of their businesses; if they don't, they are going to be less able to deal with the diversity and intensity of the attacks coming in their direction.”

Want to know more?

Why not become a CSO member and subscribe to CSO's mailing list.

Get newsletters, updates, events and more right here.

Tags malwareFortinetsymantecIntel securityChris YoungCSO AustraliaCyber Threat Alliance (CTA)threat-intelligence partnerships

Show Comments