Losing Our Religion

Jan 16, 2012
Ed Bellis
Chief Technology Officer, Co-founder

Share with Your Network

An article in the Wall Street Journal last week caught my eye. After being teased into thinking the feds may be going new school a few weeks back, I am tempted to think this move by the banks might truly be. Having spent some time in my career in this world, I can vouch that this is actually a pretty big deal. A quote from someone on the Bank of America team could have came straight out of The New School of Information Security:

“We realized that just as the fraudsters collaborate with each other, we as an industry must collaborate,” said Keith Gordon, a Bank of America senior vice president of security.

Reading the entire article tells you the industry still has a long way to go and there are a number of hold outs still believing secrecy and security religion are the best way to keep information safe. Despite these beliefs, I am genuinely encouraged by the approach being taken here by some of the largest financial institutions in the world. I hope this continues and expands. Information sharing doesn’t need to be an advantage for the fraudsters.

At HoneyApps, we are building out a set of tools and services that serve as a clearinghouse for some of this information, enabling our customers to get insight in an anonymous fashion. As I hope it’s obvious to readers of this blog by now, we are big believers in taking a quantitative, evidence-based approach to security. By sharing information we are all seeing, whether it’s threat activity, successful versus unsuccessful controls, or comparative metrics we can all not only understand what’s important but also raise the tide that lifts all boats.

If anyone has other stories about information sharing across companies that has lead to improvements in the industry, I’d leave to hear about them in the comments.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.