Collaboration: Why working with competitors is crucial to combat cybercrime


Collaboration is an important factor for success. This has always been true for organisation internally. It may seem counterintuitive at first, but sometimes collaborating with a competitor is the best thing you can do.

Last month, we attended the annual conference in Prague of the Anti-Malware Testing Standards Organization (AMTSO). AMTSO is an international non-profit organization founded in 2008 that brings together specialized testers, security product developers and academics in the security field. In particular, the organization focuses on the improvement, objectivity, quality and relevance of anti-malware testing methods.

Most major security companies and testers are members of AMTSO and all contribute by participating in discussions. In addition, the companies also share a lot of data with each other so that we can better defend ourselves against cybercrime. To share this data, AMTSO members have developed a Real-Time Threat List (RTTL), where malware samples from around the world are collected. These malware samples are available to AMTSO members, who use the samples to run tests. This way, they can validate and verify their own collected samples. In addition, academics, who research or analyze trends in the anti-malware industry, can also use the RTTL list for research. During the annual meeting, we had in Prague this year, AMTSO handed out several awards. This year, G DATA CyberDefense received the award for the best contribution to the RTTL list, together with K7 and MRG Effitas.

Sharing data with competitors?

Often people who work in other industries don't understand why we share data samples with our competitors. The answer to this question is simple. If we do not share data then we will lose the game to cybercriminals. After all, cybersecurity is a global business. With such high threats and risks worldwide, cybersecurity is a huge challenge to address, both in terms of technology and for society. Through collaboration and dialogues, we can come to new insights and take stronger action against cybercrime.

However, the sharing of data is done using cryptographic techniques. This allows the parties to share accurate information with mathematical certainty while making sure that neither party is able to see each other's data or to link each other's most sensitive databases. Moreover, this eliminates the risk of attackers being able to gain access a critical database through infiltrating another database.

Many different types of collaborations have emerged in recent years. For example, in addition to cooperating to share data, there are also specific collaborations in the political, legal, socio-cultural and economic fields. All these collaborations involve different parties: from governments, security specialists to ordinary companies. Therefore, there are many different types of partnerships. At G DATA CyberDefense, for example, we are members of AMTSO, Allianz fur cybersicherheit, EICAR, No More Ransom, Coalition Against Stalkerware, AVAR, Tech Accord, LSEC, G4C, Teletrust as well as a few other bodies that we are not allowed to discuss publicly.

The success of collaborations

While many of these collaborations are very successful, they also result in new challenges. Due to the explosive growth of cybercrime, a huge number of new collaborations have been established. As a result, the various parties often work alongside each other, especially when it comes to cross-sector and international collaborations, it is often difficult to find each other. It is therefore important to look for solutions to bring all these collaborations together. I believe that governments in particular can play an important role in this. They will have to take on a role that allows new connections to be formed. At the moment you mainly see government agencies setting up new collaborations – which is no doubt commendable as it shows that there is an interest in the topic – but one cannot help but notice there is  little initiative to bring existing collaborations together.

However, increased collaboration is what will ultimately yield more and better results than inaction and passivity. By sharing knowledge and data, we can bring new innovations to market, intercept threats sooner and make life a whole lot more difficult for cybercriminals, which is the ultimate goal of the entire industry.

from Eddy Willems
Security Evangelist