By Stephen Osler, co-founder and business director at Nclose.

In the high-stakes game of cybersecurity, the traditional approach of isolated, siloed defence can be a losing strategy for all players involved. Instead of playing solo, organisations should adopt a collaborative defence model, uniting various service providers and clients in a unified front to fortify the client’s security posture.

Harnessing the power of collaborative defence mechanisms and fostering information sharing between cybersecurity partners and their clients delivers substantial value for security teams and their clients, explains Stephen Osler, co-founder and business development director at Nclose.

The game plan: Collaborative pentesting

When organisations or their auditors want to evaluate their security service provider, they often hire a third party to conduct a penetration testing exercise. “Our analysts investigate every incident coming into the security operations centre, so if an organisation runs a pentest and doesn’t tell us, we immediately intensify our investigation. Since the tools used by pentesters are usually similar, we can quickly identify if a pentest exercise is underway.”

Pentesting is a simulated cyberattack on a computer system, network, or application to identify security weaknesses that real attackers could exploit. Conducting a pentest can be expensive, and organisations might not fully benefit from their investment if they do not collaborate with the pentesting service and their Managed Detection and Response (MDR) service, says Osler.

“Pentesting businesses should do more than just report on how many vulnerabilities they find; they should be working with defence teams to provide more value for the client.”

Recalling a recent 6-week purple teaming exercise with a client, Osler highlights the significant impact of collaboration. “We knew the attack could happen at any point. Whenever we detected an incident, we informed the client, who then consulted with the pentesters to pivot and try something else. At the end of the engagement, we all met to discuss areas for improvement, new approaches, and new rules. The client got significantly better value.”

This approach not only improved the client’s cybersecurity but also helped the security teams improve their operations. “When we have visibility and collaboration, we can say let’s work together to identify the weak points in infrastructure and processes, and address them,” says Osler.

“It’s like a team sport, where the defence and offence work together for the best results. Ultimately, the client is the one who reaps the most benefit.”

Collaborative and proactive approach

The collaborative defence model adds value for Nclose, its clients and third parties in their Managed Security Services (MSS) and MDR services, Osler emphasises. “Where there is transparency and collaboration, we can be more proactive and achieve more.

“Clients can benefit from our broad frame of reference and consultative feedback on how to mitigate risk and elevate maturity. But we need open dialogue about planned changes and new strategies so we can proactively mitigate their cyber risk,” he says.

Using a hypothetical scenario, Osler stresses the importance of open communication. “For example, the client should share with us their three-year plan for the business and where it is going, including acquisitions and mergers. This is important because anything going into the news or involving large transaction values could make them the target of a ransomware attack.

“If a client was being acquired, we would look at the new partner and understand what their security posture and strategy was. In the case of rapid expansion, we would supply security toolsets to support this.”

Nclose sees itself as a partner, not just a supplier, aiming to integrate its expertise and advanced solutions with client processes to become an extension of their business. “It’s evident that the evolving nature of cybersecurity demands a unified approach where defence and offence converge. This holistic strategy not only fortifies businesses but also fosters a robust digital ecosystem,” Osler concludes. “In the realm of cybersecurity, the marriage of vigilance and adaptability is where true resilience is cultivated.”