The same model used to identify diseases and prevent infection should be used to identify malware and stop transmission, says security firm Check Point.
The H1N1 flu virus killed up to 100 million people in 1918, but only 14,000 in 2009, due to the collaboration of world health authorities.
“This proves the model of sharing symptom information, identifying a virus, developing a vaccine and distributing that vaccine worldwide, is effective,” said Ian Porteous, technical director at Check Point.
“In 2009, world health organisations recognised that they were reaping the benefits of collaboration and research,” he told attendees of Infosecurity Europe 2014 in London.
Just as individual countries are unable to defend against pandemics, individual organisations are no longer able to defend against increasingly powerful malware, said Porteous.
Several high-profile breaches have demonstrated that despite heavy investments in security controls, attackers are still able to steal data.
But by using the collaborative world disease control model, organisations can reduce their risk of infection dramatically, in the same way that H1N1 infections in 2009 were reduced compared with 1918, said Porteous.
The key is a generic model of threat intelligence that combines input from analysts, CERTs, the security community, malware research, sandboxing and security events to identify threat indicators.
Check Point has used this generic model to advocate secure IT infrastructure through what it calls “software-defined protection”, which draws on a database of threat indicators.
The security firm gathers symptom data from its sensors in customer and public networks, and combines this with data from its malware research labs and other security suppliers, including competitors.
Other inputs include shared attack information supplied by customers and dynamic malware analysis through threat emulation.
“We have implanted the generic plan and this approach is working by delivering hundreds of millions of threat identifiers to all customer gateways,” said Porteous.
“Based on our experience, we are advocating a more collaborative approach to protecting organisations from malware infections,” he said.