Can crowdsourcing cybersecurity put the good guys ahead?

The good guys are taking a page out of their opponent’s playbook by reaching outIn its recently released survey entitled The State of Cybersecurity in Asia Pacific conducted by Palo Alto Networks, 71% of enterprise respondents in Hong Kong said that cyberattacks have become more sophisticated. And the companies cited that the biggest barrier for them in fighting cybercrime is keeping up with evolving cybersecurity solutions.

They are not alone in feeling the pain.

IT security vendors, whose main goal is to help enterprises safeguard their networks, are also saddled with the constant pressure of developing new products or updating existing ones to address new threats as they arise.

And in the battle between black hats and white hats, the good guys are taking a page out of their opponent’s playbook by reaching out across their traditional divide and collaborating with each other in building solutions that will shut out cyber threats from enterprise networks.

A different kind of crowdsourcing

Technology alliances among IT security vendors – and even among various players in the wider IT industry – are not new. But what has changed is the manner of collaboration.

In this age of the internet and open APIs, the name of the game is crowdsourcing, the practice of turning to a body of people to obtain needed knowledge, goods or services. Companies and organizations, as well as individuals, have used this process to gather ideas, to raise funding, and to consolidate and share information. In the area of cybersecurity, crowdsourcing has been generally identified and used for threat intelligence sharing.

And of late, some security vendors have taken the crowdsourcing route by building a platform to allow third-party technology offerings to integrate with their own security products. This is seen as a fast and cost-efficient way to round out their security portfolio as the open platform enables them to work with several partners simultaneously.

Besides, with enterprises having some 50 or more security systems in their organization, this type of technology crowdsourcing among vendors gives them hope that diverse systems will work better together in the near future.

Two brains are better than one

Developing security solutions takes time – time that security vendors are finding out that they cannot spare – in a bid to be ahead of the next cyber threat looming in the horizon.

With the crowdsourcing model, the pain of software development is divided and shared. This allows big security vendors to engage with a broader spectrum of sources than they would if they had used employees, suppliers and other traditional sources of expertise via conventional routes of engagement.

“It expedites innovation when you do crowdsourcing. More brains are better than one and it underpins that concept,” said Kok Tin Gan, partner – risk assurance at PricewaterhouseCoopers. “From the benefit perspective, I definitely see a business case. You pick the brains of other people to get some new ideas out. You can innovate faster, get a better solution and solve cybersecurity issues faster.”

He added: “And obviously some of the stuff can be cheaper as well. You do not have to go through a very heavy investment which a lot of big companies tend to do.”