CYBERSECURITY: TRUST THROUGH COLLABORATION
The overall purpose of collaboration is to gain mutual benefit from working on specific problems that are of common interest and thereby gain from shared knowledge and experience.
Running a successful multi-partner project requires the development of trust. Various trust-building mechanisms used by CyberNB are memorandum of understanding, non-disclosure agreements, and other sharing strategies such as data sharing and joint development of a model for managing the sharing of intellectual property.
Another way to work together on multi-partner projects is by adopting an open innovation model. This reduces the risks of failure in R&D projects and increases the co-evolving of capabilities by organizations.
We already know that cybercriminals collaborate, share methods of attack, tools/techniques, and generally anything that will help them achieve their goals. This collaborative nature helps them learn how to take advantage of our weaknesses.
But what about the good guys? How do we improve our efforts to move our capabilities closer to those of the cybercriminals? We have some written rules and regulations to prevent us from sharing (privacy, intellectual property) and unwritten rules like maintaining a competitive advantage. How do we improve our collaboration, where do we start?
One of the key principles of CyberNB’s operating model is to collaborate and partner with others across all areas. This has enabled the delivery of multiple objectives of like-minded organizations working together to move the ball forward in the Canadian cybersecurity ecosystem.
“While expanding collaboration is a common hope for many leaders, SRM leaders of the CyberNB Program has shown several strengths since the early days of the project. Partnerships that did not exist in the past have formed with competitors and alliances with companies.”
Each of these principles enables organizations to improve trust between them. This, along with a strong and common sense of purpose for the outcomes of the project combined with use of the core principles of collaboration fosters the development of trust.
Key principles in collaborative projects:
- Project partners can identify each otherand are actively encouraged to continue to develop their relationships outside of the project.
- Governance – Member behaviour is regulated according to group valuesaround collaboration.
- Communication– Members can interact with each other.
- Boundaries– The community knows why it exists and who is outside and inside.
- Trust– Members must be able to build trust over time with other members and the group organizers.
- Exchange– The group recognizes the value from the exchange of knowledge and ideas.
- Expression– The group has a recognizable personality; members are aware of what other members are doing.
- History– The group remembers what has happened; it reacts and changes in response.
A Cybersecurity Defence Alliance?
CyberNB has a project, Canada’s first cross sector Critical Infrastructure – Security Operations Centre (CI-SOC), that is focused on building a set of interactive services targeted towards supporting the defense of Critical Infrastructure from cyberattack.
The CI-SOC project is designed to not only foster the development of services for Security Operations service providers but also to showcase the value of collaboration and sharing to enable better defence. It is working on the practicalities of building trust to enable multi-sector organizations in both public and private sectors.
Our societies are better when we collaborate, and it is no different in cybersecurity, we must work together to better protect ourselves. Cybersecurity is a team sport!