Cybersecurity News that Matters

Cybersecurity News that Matters

“The world should unite to improve security,” says Microsoft senior researcher

by Hongeun Im, Dain Oh, Arthur Gregory Willers

Jan. 30, 2024
11:50 AM GMT+9

As cyberattacks grow sophisticated beyond the point where cyberdefense companies working independently will be less and less able to defend against them, the need for collaboration within the field is more important than ever.

“Security companies might be competitors in the same industry, but for security to advance overall worldwide, they need to pool their resources and work together toward achieving a common goal,” Microsoft senior security researcher Kim Hye-seon said during an interview with The Readable. The interview took place on January 26 during the researcher’s brief visit to Hanyang University in South Korea to participate in an educational program.

Kim Hye-seon, Microsoft Defender for Endpoint Research team senior researcher, is being interviewed after an education program at Hanyang University on January 26. Photo by Hongeun Im, The Readable

Kim, a senior researcher, who works with the Endpoint Research team examining data for Microsoft Security’s security platform, Microsoft Defender, is an expert in malware analysis and antivirus protection. Being on the cutting edge and constantly vying against malicious actors, Kim well understands the critical need for security companies to collaborate to effectively engage with the ever-evolving cybersecurity landscape, an arena rife with increasingly duplicitous and potent threats.

“AI can aid computer security specialists by reducing false positive alerts, yet evolving hacking technologies and security systems will persist in challenging each other, irrespective of AI’s role,” Kim stated. She further emphasized, “To achieve dominance in defense, it’s crucial not just to compete, but to unite globally in pursuit of a common goal.”

The contest between hackers and defenders is frequently compared to an arms race, with both sides continually enhancing their capabilities in order to outdo the other. Kim emphasized that if defenders were to collaborate more, their progress could be significantly more efficient. She noted that such cooperation among security companies would not only provide a broader and more diverse dataset, but it would also bring varied perspectives to the analysis of security threats, thereby improving defense strategies overall and to a degree able to keep pace with the changing landscape.

Cybersecurity education programs play a crucial role in enhancing international security, and Kim is actively contributing to this effort. During her lecture at Hanyang University, she delved into the workings of memory injection techniques, which are now commonly incorporated in contemporary malware. She pointed out that while injection was a rare form of attack a decade ago, it is now rare to encounter malware that doesn’t utilize it. Injection involves an attacker inserting code into the memory space  of another running process, altering the program’s outcomes. Her point in citing this example was clear—that the increasing sophistication of cyberattacks make them harder and harder to respond to, and that today’s innovation will be tomorrow’s commonplace.

Kim further noted that, while instances of cybersecurity collaboration among independent companies have been infrequent, examples of initiatives aimed at global cooperation do exist. One such example is the Overseas Security Advisory Council (OSAC), which was established in 1985 to gather information on global cybersecurity issues. Its scope, however, was limited, as it primarily served to safeguard the resources and intellectual property of a limited number of American companies.

The Center for Cybersecurity Policy and Law (CCPL), a nonprofit organization dedicated to enhancing cybersecurity, represents a step more in line with the type of solution Kim envisions. She commented that, “although it may seem far-fetched, creating a ‘United Nations for cybersecurity’ could prove an effective way to actualize global cooperation.” In furtherance of this idea, the CCPL established the Network Resilience Coalition (NRC), which is dedicated to collaboration and the sharing of ideas and information, in July of last year.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Hongeun Im
    : Author

    Hongeun Im is a reporting intern for The Readable. Motivated by her aspirations in cybersecurity and aided by the language skills she honed while living in the United Kingdom, Im aims to write about s...

    View all posts
  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
  • Arthur Gregory Willers

    Arthur Gregory Willers is a copyeditor at The Readable, where he works to make complex cybersecurity news accessible and engaging for readers. With over 20 years in education and publishing, his exper...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights