What Role Can Collaboration Play?
Kevin Poulsen
21

Building That Future We’ve Been Talking About

Collaboration isn’t just an industry buzzword — it brings proven success

In just 48 hours we’ve talked about legacy systems versus step-change paradigms; moving from the lab to the real world with usability research; whether the best incentives come via government, codes of conduct or the private sector. They’re all serious questions that our industry will have to address. But our biggest problem may be the fragmented way we’re going about it. I applaud Alex Stamos’s thought yesterday: “Lots of us are reinventing the wheel and solving the same problems without realizing that our neighbors have already built great solutions.”

Gerhard Eschelbeck, Head of Security & Privacy Engineering / Google

I couldn’t agree more. And while I talk about this issue a lot, it’s not just lip service. As an industry, we have many examples that prove that collaboration advances security across the Internet.

One example of effective community collaboration is responsible reporting, which encourages people who find security flaws (like the infamous Heartbleed vulnerability) to disclose them in a thoughtful manner. In a similar fashion, bug bounties — which pay independent researchers to identify problems — have proven effective time and again, and today are embraced by industry leaders like Facebook, Microsoft, and Samsung.

Perhaps the most powerful way to protect as many people as possible on as many platforms as possible is to build collective knowledge directly into products themselves.

As an example, Google shares our accumulated knowledge about malware and phishing sites through our Safe Browsing technology, which warns users before they click on risky links, and is available via a public API. Thanks to adoption by Apple Safari and Mozilla Firefox, this data now protects more than a billion people worldwide.

It’s been great to see my peers’ perspectives these past few days on the challenges we face today, and will face tomorrow. We have our work cut out for us. Let’s tackle it together.

The Future of Security Roundtable is a Google-sponsored initiative that brings together thought leaders to discuss how we can best protect ourselves from the data breaches and security risks of tomorrow. Panelists are not affiliated with Google, and their opinions are their own. Read the post that kicked off the roundtable here and feel free to join in the conversation.