We need to democratize threat intelligence data, says IBM Security Vice President Caleb Barlow.
TechRepublic's Dan Patterson sat down with Caleb Barlow, IBM Security Vice President to talk about how to democratize threat intelligence data. The following is an edited transcript of the interview.
Dan Patterson: How do we stop this. I mean I joke a little bit. But how do we--in a world where mostly 20 to 40 billion IOT devices over the next five to seven years. In a world where we want more data privacy protections, and we have things like the GDPR, how do we stop this tide, this rising tsunami of data and still protect ourselves, and what happens to the idea of security with the rising tide of IOT?
Caleb Barlow: Well, I actually think this is a solvable problem. But there's a couple of key steps we have to take. The first, and we start to see this within GDPR, only collect the data you actually need. If you don't need that data for the transaction at hand, either get rid of i, or better yet, don't collect it in the first place.
SEE: GDPR resource kit: Tools to become compliant (Tech Pro Research)
The second thing we've got to really do is we've got to share information on threats. Openly and at speed. We've got to democratize threat intelligence data. And this is a problem not only in the private sector where, you know, companies try to make a profit off of threat intelligence data, but it's also a problem in government where making that linkage between government and the private sector to share intelligence at speed is very difficult. Notice I said, "At speed," because intelligence that's a day or two old isn't intelligence anymore, it's just data.
So, if we work together we actually can solve this problem. But think about what this means in every board room. If you've been attacked, if you've been a victim, then part of your duty is not only to respond to that, but to tell the community around you what happened and how it happened because when you do that you inoculate everyone else.