RSAC in focus: Collaboration in cybersecurity
“Community. It’s what makes us strong in cybersecurity.” These were the emphatic words of Hugh Thompson, executive chairman of RSAC, as he opened the RSAC Conference 2025. His address, setting the tone for the week, repeatedly underscored that in an era of escalating digital complexity and sophisticated harmful actors, the collective strength of the cybersecurity community – a direct manifestation of collaboration in cybersecurity – is not just beneficial but essential.
In a blog post from the conference, the consensus among the security community and industry leaders was that facing sophisticated, often globally coordinated digital sources of disruption requires a united front. As reported by ITPro, collaboration can be as simple as pairing cybersecurity employees with data scientists, so they can compare notes. The era of siloed defense is rapidly giving way to an understanding that shared knowledge and coordinated action are paramount for collective resilience.
Strengthening public-private partnerships
The call for community resonates strongly with the ongoing efforts to bolster public-private partnerships (PPPs). At RSAC Conference 2025, the dialogue around PPPs stressed the vital link between government agencies tasked with national cyber defense and the private sector entities that manage critical infrastructure and vast data repositories.
These partnerships aim to facilitate a bidirectional flow of information: government agencies can provide declassified intelligence on emerging digital challenges and harmful actor tactics, while private enterprises can share real-time observations of harmful activities encountered on their networks. The goal is to create a more comprehensive understanding of the environment of digital challenges, enabling faster, more coordinated responses to protect critical services and the broader digital ecosystem. Emphasis was placed on overcoming traditional barriers such as speed, trust, and actionable intelligence delivery within these frameworks.
Advancing intelligence sharing ecosystems
Security intelligence sharing is fundamental to collaborative defense, and RSAC Conference 2025 highlighted advancements in enhancing these ecosystems’ effectiveness. Moving beyond the simple exchange of indicators of compromise (IoCs), there is an increasing emphasis on sharing richer, contextual intelligence, including comprehensive tactics, techniques, and procedures (TTPs), often aligned with standardized frameworks like MITRE ATT&CK. This approach enables organizations to transition from reactive blocking to more proactive defense strategies informed by harmful actor behavior insights.
Information sharing and analysis centers (ISACs) and information sharing and analysis organizations (ISAOs), tailored to industries such as finance, healthcare, and energy, continue to evolve, offering valuable sector-specific intelligence. Moreover, the automation of intelligence sharing through standardized protocols like STIX/TAXII is essential for disseminating critical information at machine speed, a necessity in countering fast-moving digital disturbances.
Thompson’s guidance on learning from everybody encompasses both internal and cross-sector collaboration. Within organizations, it’s imperative to foster a security-aware culture where IT, security, development, and business units collaborate effectively. Externally, exchanging best practices across industries strengthens defenses against common digital issues, thereby enhancing overall resilience, as Thompson recommended.
Fostering internal and cross-sector cooperation
Collaboration isn’t solely an external endeavor; it’s equally vital within organizations. RSAC Conference 2025 sessions underscored the need to break down internal silos, fostering closer cooperation between cybersecurity teams, IT operations, legal departments, and business units. Cultivating a culture where cybersecurity is viewed as a shared responsibility, rather than the sole domain of the security team, is essential. This includes integrating security considerations into the entire lifecycle of products and services, often referred to as DevSecOps.
Beyond individual organizations, cross-sector collaboration is also gaining traction. Harmful actors frequently reuse tools and techniques across different industries. By sharing experiences, best practices, and lessons learned, organizations in one sector can better prepare for challenges that have already impacted others. This broader learning loop enhances the defensive posture of the entire business community.
The overarching message from RSAC Conference 2025 regarding collaboration in cybersecurity was one of urgent necessity and practical application. While challenges related to trust, data sensitivity, and operationalizing shared intelligence persist, the fundamental understanding is the benefits of working together far outweigh the difficulties. Building these collaborative bridges is no longer a strategic option but a foundational requirement for navigating the modern cybersecurity landscape.
Source link
