Chris Young, Intel Security Group’s top dog, offered Coins2Day an exclusive sneak peek at his Tuesday keynote address at this year’s RSA Conference, the world’s biggest cybersecurity confab.
The senior vice president and general manager of the Intel (INTC) unit formerly known as McAfee plans to speak on two subjects, he said: the need for collaboration within the cybersecurity industry and ways to fix a shortage of professional talent. Here we’ll focus on the former.
Get Data Sheet, Coins2Day’s technology newsletter.
First off, Young has a plea to make. “Competition is holding us back,” he told Coins2Day, referring to the industry as a whole. Sharing threat intelligence is vital to everyone’s success, he said, citing the government’s passage of the Cybersecurity Information Sharing Act as a first step on the road to cooperation.
“There hasn’t been much that’s happened since that bill became law to start to operationalize threat intel sharing in a real way,” he said, lamenting a perceived lack of progress. “Most in the cybersecurity industry are reluctant because we’re all competitors.”
Young, who took the reins at Intel Security a year and a half ago, said he has experience to share as a founding member of a coalition of intel-sharing cybersecurity firms called the Cyber Threat Alliance, which includes Symantec (SYMC), Fortinet (FTNT), and Palo Alto Networks (PANW).
For more on cybersecurity, watch:
At first, he said, the companies began contributing malware samples to a shared set of computer servers to see what else they could discover about the attacks. “After doing that for a while, it was interesting but not compelling,” he said. So the team changed its strategy. The firms decided to drill down on a specific subject: ransomware, or malicious software that infects computers and holds their stored data for ransom.
After the group published a report about these hacking campaigns, it noticed an immediate impact. “A lot of attack communities dumped CryptoWall 3″—a popular ransomware program—”and moved to CryptoWall 4,” Young said. “We know somebody was paying attention to what we did.”
On a phone call, Young cited Coins2Day’srecent coverage of IBM’s security group, to convey his philosophy about sharing cyberattack data. Similar to IBM (IBM), he said, Intel seeks to commoditize threat intelligence information and instead to cash in on analysis and other services.
Young used a culinary analogy to illustrate his point. Just as competing restaurants and chefs might collaborate to source the best possible produce and meat and instead compete on the basis of their recipes, so too should cybersecurity companies share their raw materials and duke it out over higher value-added offerings.
At the conference, Young said he hopes to recruit new members into the alliance, expanding its membership. He also said that he plans to explore integrations with Facebook’s (FB) ThreatExchange platform, which operates sort of a social networking platform for security pros and cyberattack data.
“If the industry presumes the basis of competition is substantively around the threat intelligence that any one given organization holds, then we’ll never collaborate,” Young said. “We view that as the basis of the industry’s economic success or failure.”
Get to know Chris Young through a quick Coins2Day Q&A:
How many RSA Conferences have you attended?
This is my 11th RSA conference in just the U.S. My 18th if I include RSAs in Europe and Japan.
What is your favorite part of RSA Conference, and why?
My favorite part of the conference is the opportunity to connect with the industry’s best, some of whom are friends, customers, partners, former colleagues, and competitors.
Drink of choice at one of the many open bars?
We have a few security-themed drinks at Intel Security’s cocktail reception. Including DXL – Diablo eXtra Large, Protect Punch, Detect-tail, and Correct Cooler.