In the face of increasingly advanced global cyber threats, companies are embedding information sharing as a crucial part of their threat detection, response, and mitigation strategies – we are stronger together when we act this way.
By quickly identifying patterns and indicators of compromise, organisations can gain the necessary insights to enhance their cybersecurity resilience.
Industries including healthcare, financial services, and telecommunications are already seeing the benefits of timely sharing of threat intelligence across their sectors. This is because sharing insight into the latest attack vectors allows organisations to adapt their cybersecurity strategies and approaches swiftly and comprehensively. For example, the coordinated disclosure of vulnerabilities in the Azure API Management service in 2022 led to timely patches, preventing potential exploitation and safeguarding numerous systems from attacks.
While international and cross-sector collaboration in information sharing has advanced significantly, enterprises can still learn a lot from one another regarding cybersecurity practices. It is essential, however, to carefully navigate the delicate balance between sharing information and limiting disclosure of business-sensitive information, especially after a cyber incident.
The Growing Cybersecurity Attack Surface
Navigating the cybersecurity landscape has never been more complex. The rapid advancement of 5G and emerging technologies is expanding the threat surface, introducing new vulnerabilities and making the security of virtualised and cloud infrastructure more critical than ever. Attacks on these systems can have severe and far-reaching impacts.
Additionally, the proliferation of connected devices, such as IoT and autonomous vehicles, adds another layer of complexity, necessitating robust defences across all components of an organisation. The GSMA’s Mobile Telecommunications Security Landscape 2025 report highlights several emerging threats. The increasing use of spyware against high-profile individuals and challenges in mobile app security, such as dynamic code loading and banking malware (e.g. SharkBot), are significant concerns. The report also underscores the importance of securing AI and machine learning platforms, as these technologies can be exploited to create advanced attack techniques.
Supply chain security is another critical concern, with attackers increasingly targeting third-party vendors to gain access to sensitive systems. There were several incidents last year that highlighted this. For example, the attack on Lumen Technologies involved ransomware and malware, highlighting the need for comprehensive supply chain risk management.
Beating Cybercriminals at Their Own Game
Our report also highlights that cybercriminals aren’t working in isolation.
Attacks on mobile networks, for example, are often undertaken in a coordinated fashion with attackers sharing their techniques, re-using and repurposing previous attacks and collaborating to increase their chances of success. Advanced technologies such as AI and machine learning are multiplying the impact, enhancing precision and scale of their operations.
For instance, attackers can now automate tasks that were once labour-intensive, such as replicating voices and messages using deepfake technology, making social engineering schemes more sophisticated and more difficult to detect. This technological edge allows cybercriminals to execute more effective and widespread attacks.
To stay ahead of these evolving threats, organisations must play the cybercriminals at their own game and play it better. We call this defensive force multipliers, or strength in numbers.
However, while AI remains in reserve in an attacker’s arsenal, continued weak IoT device security or lack of vulnerability mitigations means that many attacks don’t require AI to make them successful.
The Crucial Role of Information sharing in Combating Cyber Threats
In light of all these challenges, real-time information sharing has become the essential in bolstering cybersecurity resilience across all industry sectors.
As society becomes more digitally connected, cyber threats evolve and become more sophisticated. Timely sharing of threat intelligence significantly enhances threat detection and response by helping companies quickly identify patterns and indicators that their security may be compromised.
The process of information sharing enables organisations to adapt their cybersecurity strategies by providing access to up-to-date insights into the latest attack vectors, tactics, and techniques used by cybercriminals. Additionally, real-time sharing fosters trust and collaboration within and across sectors, which is crucial in industries with high interdependencies.
Cybersecurity Synergy: Lessons from Diverse Sectors
Information sharing among different sectors predominantly revolves around threats related to phishing, vulnerabilities, ransomware, and data breaches. Each sector tailors its approach to cybersecurity information sharing based on regulatory and technological needs, carefully considering strategies that address specific risks and identify resolution requirements. However, for the mobile industry, information sharing relating to cyberattacks on the networks themselves and misuse of interconnection signalling are also the focus of significant sharing efforts.
Industries learn from each other by adopting sector-specific frameworks and leveraging real-time data to enhance their cybersecurity posture. This includes real-time sharing of indicators of compromise (IoCs) and the techniques, tactics, and procedures (TTPs) associated with phishing campaigns. An example of this is the recently launched Stop Scams UK initiative, bringing together tech, telecoms and finance industry leaders, who are going to share real-time data on fraud indicators to enhance consumer protection and foster economic security.
This is an important development, as without cross-industry information sharing, determining whether a cybersecurity attack campaign is sector-specific or indiscriminate becomes difficult. Building trusted partnerships that facilitate efficient data and knowledge exchanges in real-time is essential for tackling a wide range of cyber threats.
Ensuring Transparency and Accountability in Cross-Border Cyber Threat Information Sharing
Cybercriminals operate beyond national borders, necessitating cross-border collaboration for a coordinated response to cyber threats. The GSMA fosters trust among our members by providing a neutral and trusted environment for information sharing.
While international data-sharing regulations pose challenges, adopting clear frameworks significantly enhances accountability in cross-border cyber threat information sharing. Using an information classification system like the Traffic Light Protocol (TLP) improves the flow of information across borders by providing clear handling instructions about sensitivity and further dissemination.
Cyber threat information sharing takes many forms, including sharing best practices among subject matter experts about phishing campaigns or security tools to enhance an organisation’s response to cyberattacks. Information Sharing and Analysis Centres (ISACs) serve as crucial hubs for exchanging cyber threat information, fostering a collaborative environment where public and private organisations share insights, strategies, and resources. This flexibility allows a broader range of participants, including small businesses and cross-sector companies, to engage in information sharing. For example, within the telecom sector, the GSMA have developed the Telecommunication Information Sharing and Analysis Center (T-ISAC), which collects and disseminates information and advice on security incidents in a trusted manner, ensuring that sensitive information can be shared between GSMA members. Similarly, the automotive Information Sharing and Analysis Center (Auto-ISAC) provides automotive organisations with threat intelligence and best practices to protect sensitive information, while the Financial Services Information Sharing and Analysis Center focuses on sharing cyber threat intelligence within the financial services sector to enhance security and resilience.
What Companies Can Do?
In terms of the steps organisations can take to effectively tackle cyber threats, companies should build trusted partnerships with other organisations, including competitors, to facilitate real-time data and knowledge exchanges. This collaboration is essential for ensuring a coordinated response to a wide range of cyber threats.
Signing up to ISACs Information Sharing and Analysis Centres (ISACs) serve as vital hubs for exchanging cyber threat information, fostering a collaborative environment where public and private organisations share insights, strategies, and resources. This flexibility allows a broader range of participants, including small businesses and cross-sector companies, to engage in information sharing, enhancing overall cybersecurity resilience.
By prioritising proactive information sharing, companies can stay ahead of emerging threats and safeguard their operations more effectively. This collaborative effort is essential for achieving cybersecurity resilience in an increasingly interconnected digital landscape.
Balancing the Need for Information Sharing with Protecting Individual Privacy
Striking the right balance between information sharing and protecting individual privacy is a critical challenge in today’s cybersecurity landscape. Implementing Privacy-by-Design principles, which integrate privacy protections into the development of systems and processes for information sharing from the outset, ensures that privacy is a fundamental component of cybersecurity strategies.
Data anonymisation techniques are essential to ensure that information being shared does not violate privacy laws and does not unnecessarily expose individual user identifiers. Clear data governance policies, including regular privacy impact assessments and transparent reporting mechanisms, are key for ensuring accountability and transparency in data handling practices.
The importance of information sharing in achieving cybersecurity resilience cannot be overstated. As cyber threats continue to evolve, the ability to quickly identify and respond to
these threats through collaborative efforts is paramount. By fostering a culture of trust and cooperation, industries can enhance their cybersecurity strategies and protect their digital infrastructure more effectively. Moving forward, it’s essential enterprises continue to prioritise proactive information sharing and robust privacy protections to stay ahead of emerging threats and safeguard their operations.
About the Author
Samantha Kight is Head of Industry Security at GSMA. The GSMA is a global organisation unifying the mobile ecosystem to discover, develop and deliver innovation foundational to positive business environments and societal change. Our vision is to unlock the full power of connectivity so that people, industry and society thrive.
