Intel Security’s Samani agrees, but admits this isn’t the view of everyone in the vendor community.
“By and large, they don’t,” he said, asked if solutions always talk to each other. “That’s always been a bugbear for most organizations, interoperability.”
“I’ve had tons of calls with different vendors that don’t want to collaborate... but that’s up to them,” he said. “But the market, the industry, is not moving in that direction.”
Wood meanwhile bemoans the lack of interoperability as a key issue in his line of work, blaming “siloed” vendors for not understanding technologies across the rest of the security stack. He says that this lack of understanding on how solutions mesh often results in “cracks in the joint”.
“The majority of security vendors don’t have a well-rounded view of security. So many of them don’t understand the parallel technologies involved.”
He went on to say that many vendors are simply “furthering their own agendas”, pushing barely-required products to CISOs, and not doing enough to help end-users establish a safe testing environment with ethical hackers.
“My recommendation is look at the bigger picture, look at the use case of your customer implementing [the solution],” says Wood. “Don’t think about your solution in isolation. Seek out, with vendors’ help, the cracks that exist in the way systems are built together.”
He added: “Be brave and invest in a proper lab-scale test environment for security people to break systems, properly, outside the live environment.”
Yet Malik argues that collaboration can be difficult, technically: “There are some challenges which come from the pure technology collaboration point of view. Most of that boils down to the amount of time and effort it takes enterprises to stitch together or customize the backend to provide meaningful reporting or metrics.
“This is where vendors that can unify security capabilities across different infrastructure (cloud, on premise) have an advantage in that all the integration is done in the back-end.”
There are, however, other barriers to collaboration, such as culture.
“Focus and paranoia,” said Whitfield. “Vendors are so focused on their own products that sometimes they forget about the customer and their needs.”
Threat intelligence and data sharing leads the way
In parallel with security research, threat intelligence is perhaps the most advanced area of industry collaboration. Previous examples have included the Cyber Threat Alliance, Global Cyber Alliance and the Threat Prevention Alliance, among many others.
Chappell believes that great strides have been taken to improve threat intel sharing between government and industry, such as Intelligence Sharing and Analysis Centers (ISACs) in the US and the Cyber Security Information Sharing Partnership (CISP) in the UK. He and Samani also point to The No More Ransom Project as a fine example of industry, law enforcement and government organizations working together to counter the ransomware threat.