If government agencies don’t cooperate with both each other and the private sector on threat intelligence, they’ll never be able to keep up with the hackers working against them, according to Cloudera’s director of cybersecurity strategy, Sam Heywood.
“The bad guys are very well coordinated,” Heywood said, explaining that malicious hackers are very good at sharing the vulnerabilities they find in both public and private IT systems. “We simply don’t cooperate with each other on that level.”
Heywood advocated for increased information sharing programs as well as standards for dealing with cybersecurity across government.
“We have to make sure that we have basic security standards across all government systems,” he said, adding that IT practices should be “ensuring that we’re moving toward a level of systems and persons collaboration.”
Heywood noted that one problem facing both government and the private sector is the ability to attract necessary cyber talent to fend off attacks on critical systems, and that collaboration and information sharing can bridge some of that talent gap by offering benefits through everyone’s efforts in the space.
“Once that’s in place, there’s strong demand to really bring the talent of data scientists and others to bear on this,” said Heywood. “One part that’s really exciting is the rate of innovation within the community at large.”
Heywood has lately been working on the Apache Hadoop platform with Apache Spot, which enables security professionals at all levels to share vulnerability information and machine learning data with each other.
“Spot is designed to bring the entire technology community together,” said Heywood. “We believe that cybersecurity analytics is, in and of itself, a big data problem.”
Due to the vast amounts of security data, Heywood explained, there is a latency in the ability to stage and process that data to a level that becomes useful for securing systems. By collaborating through programs like Spot, Heywood said that he hopes cybersecurity professionals can reduce that latency and potentially rise to a cooperative relationship that rivals that of the hackers.
“It needs to be public-private coordination and collaboration,” he said. “You’re simply not going to outrun them on your own.”