Unifying Cyber Defense Through Collaboration

When I describe my job to others, I tell them: My job is simple. I get companies to work together to solve their cybersecurity problems. I’m not a vendor; I don’t sell security products. What I offer are community and collaboration. The MM-ISAC is a consortium of member mining and metal companies that work together to better defend against cyber threats. In essence, the ISAC is the members, and I have the unique privilege of helping them cooperate. However, MM-ISAC is not a silo. It would be a disservice to the industry to limit collaboration to just mining companies. 

Everything is Connected

One of my favourite books is by Douglas Adams, “The Long Dark Tea-Time of the Soul,” part of his Dirk Gently’s Holistic Detective Agency series. The details on their own are kinda random and bizarre, but the more details you learn about, the larger picture of how everything is connected comes into focus. Real life is far less random, but focusing on one event or one threat actor, or one solution causes a tunnel vision. Collaboration gives you the opportunity to see more of the pieces, how they fit together and take a step back and see the larger picture.

We live in a connected world, and we know that the world is more connected now than ever. Industries aren’t “air gapped.” The news lately includes third-party breaches and state-sponsored threat actors targeting the private sector. This means we need to be working with our supply chain, government agencies, and third parties. We don’t live in a silo, and building one doesn’t protect us from threats when many of them lie beyond our internal networks.

When a vendor, engineering firm, or OEM reaches out to me and asks, “What can I do to help?” I’m encouraged and excited. Yes! We need to be working together. They have the technology, experts, and resources. Developing a working relationship with vendors is essential to accomplishing the mission of MM-ISAC. My vision is that mining companies will have a voice in the development phase and products will be manufactured with safety and security in mind right from the start.

Security Companies

The “bad guys” share information from cheap to free. In today’s security climate, keeping intel to yourself on threat actors does not increase your profits. There has been a shift these past couple of months, I have noticed among some security companies. They have begun to work together. The days of working against each other are over. Perhaps they realize there are plenty of “bad guys” to go around. There is a storm coming, and things are going to get much worse very quickly. In an industry where trained individuals are scarce, fighting amongst ourselves weakens us, and gives the upper hand to our adversaries. Winter is coming so to speak. Survival tomorrow depends on cooperating today. It won't matter who is on top, just who’s left standing.

I get to work with security companies to integrate platforms. This is exciting news to me, as it better serves their customers and strengthens their defence, while increasing the value they provide. It's a win-win and a no-brainer. All it takes is talking to each other and a little coordination. Currently, there is no one-size-fits-all solution, nor should there be. We need the diversity of vision, experience, and expertise. Otherwise, we would suffer from tunnel vision, miss opportunities for growth and innovation, and entirely miss the big picture. 

Pooling Resources

No one company has the resources to solve any of the problems we are facing. No one security expert knows everything. This is where the real value of the ISAC is realized. Resources can be pooled to conduct research, knowledge can be shared, and analysts can be shared. There is no reason small companies should each have to hire analysts when they are basically looking at the same set of data. Relationships built by the ISAC with vendors and organizations benefit all its members. An ISAC may not be a “security provider” but should be part of every company's defence-in-depth strategy.