Please join us for a keynote address from Sophos CTO, Joe Levy, at Virus Bulletin 2020: “Collaborating with Competitors: A Better Strategy to Beat Adversaries.” The keynote goes live on Wednesday, Sept. 28, 2020, at 12 noon ET. Read on for a preview of what to expect.


Written by Joe Levy, CTO, Sophos

“Let’s compete on technological innovation, not threat intelligence.” — Joe Levy, CTO, Sophos

This fall’s Virus Bulletin, originally planned to take place in Dublin, Ireland, will instead be a virtual gathering, due to the ongoing health risks associated with COVID-19.

In March of this year, when the Cyber Threat Alliance invited me to keynote the Threat Intelligence Practitioners’ Summit (TIPS) track that it sponsors at VB, I suspected the conference would transition to online, and started thinking through topics and points that would resonate with both our CTA membership and other attendees in a remote presentation.

Below is a preview of this keynote, “Collaborating with Competitors: A Better Strategy to Beat Adversaries,” (click here to register) which we hope will inspire you and your colleagues to attend (albeit virtually) and think differently about how and why you should share threat intelligence to create stronger defenses.

Why we should work together

“If you want to go quickly, go alone, but if you want to go far, go together.” This proverb couldn’t ring truer for the cybersecurity industry. By working collectively, with a strong spirit of teamwork, we can achieve far more than fighting cybercrime as individual vendors.

Together, we need to improve our approach, share threat intelligence more comprehensively and expand the pool of participants who contribute to (and benefit from) this sharing and collaboration. This is how cybersecurity vendors will make lasting, impactful change.

Indicators of collaboration

CTA is a strong example and positive case study of how competitors can successfully work together. This group is a wonderful role model for others in the cybersecurity industry to follow (and to join). But we can – and need to – do more.

Other evidence of joining forces for a great cause is the COVID-19 Cyber Threat Coalition (CCTC), a grassroots volunteer effort to collect and disseminate threat intelligence about scams, spam, phishing, and malware that leverage our communal, human concerns about a pandemic as a social engineering trope. Since March 2020, the CCTC, has attracted and inspired more than 4,000 incident responders worldwide, ultimately protecting millions of people from becoming victims of cybercrime – a magnitude only possible with the outpouring of collective effort and resources these volunteers brought to bear.

But, we’re ready to graduate to the next stage.

Stumbling blocks and obstacles

As you’ll hear in my keynote, historically there have been many stumbling blocks and obstacles, such as privacy and trust, and a “hoarding mindset” that has inhibited some security companies from working together as an industry. What the CTA and CCTC demonstrate, quite effectively, is that we can break down these barriers. Once we do, this “collective we” will be able to achieve more, as an aligned unit for the security of our customers.

Think differently, think disruptively

It’s time for us as an industry to think differently and think disruptively to make the change we need, and to advance the progress that organizations like CTA have developed. Please join my keynote to learn about how you can motivate your organization and others to transform how and why we share threat intelligence. We look forward to continuing this conversation even after Virus Bulletin – let us know your feedback and experiences as a threat intelligence collaborator. We’d like to hear about the problems you’ve solved simply by working together. 

Back to News