IT Security Guru

Marrying machine and human threat intelligence for ultimate security

by The Gurus
October 20, 2017
in Editor's News, This Week's Gurus

Despite the gloomy cyber attack headlines, many organisations are moving along the cyber security maturity curve, and the adoption of intelligence-led security strategies has increased. One of the main drivers is the sheer volume of data that comes in and out of a business, which makes it difficult to extract actionable insight. A lot of data that is not conveyed in the right way can be just as bad as not enough, and this is the situation that many companies find themselves in, resulting in threat overload. It comes as no surprise that one in three (32%) security professionals indicate they lack effective intelligence to detect and action cyber threats, according to a recent survey[1].
Unfortunately, many security teams are not optimised to deliver on this volume of threat intelligence and are often over-worked, spending far too long doing the (very necessary) simple, basic tasks, but never stepping back to look at what’s going on at a macro level. Many strategies are still in their infancy, more reactive than deliberate. But threat intelligence can no longer be seen to be adding to the big data problem, or just providing tactical indicators.
Security teams must get the people-process-technologies triangle right. When considering which tools to invest in, they should be looking for technology that can assimilate both human-readable and machine-readable information into one easy-to-consume resource, and that can analyse threat data from multiple sources in real time, enabling analysts to quickly and easily assess whether to take defensive action. This potentially reduces the window of vulnerability down to a matter of hours and minutes.
Businesses can therefore identify the threats they must take notice of, which gives them actionable and relevant insight. This automates processes, ascertains valuable outcomes and helps to find insights, which is essential. Such solutions begin by cataloguing information about the identities, motivations, characteristics, and methods of attackers. This knowledge is put in context against real-time activity to identify invasive behaviour with evidence-based knowledge. Customisation is also possible, tailoring tools to suit any network, as threat alerts should be informative, not just alarming: for example, by enabling you to discover whether your data is the object of someone’s desire or if your network was simply unlucky.
All of this automation is imperative, but the reality is that cyber actors are people too. Human intuition and human intelligence collection (HUMINT) are crucial, as they contextualise threat data into useful and actionable outcomes. Such useful context includes geo-political circumstances, economic struggles, or publicly disclosed attacks that have impacted another industry or organisation. This results in broader visibility and enrichment to existing intelligence collection mechanisms.
It is therefore important to have a robust security team, but also, when choosing the right technology partner, to ensure that you know the individuals behind the tools. It’s essential they can provide help with both the equipment and people side of intelligence, as well as help to curate data in a way that is useful to each individual company, contextualising adversaries specifically to an environment and filling any skill gaps or, during an incident, adding extra layers of capabilities such as utilising multi-lingual expert security analysts.
In the case of threat intelligence providers, labs teams are continuously monitoring malicious activity on a global scale, while deep and dark web specialists can garner in-depth insights from the murky underworld of the cyber-criminal. This gives you access to more privileged conversations, tools, techniques and exchanges, adding another human aspect of intelligence.
A DIY Deep Dark Web Service of your own just isn’t possible. Threat actors come from myriad locations across the globe, the linguistic and cultural barriers are huge, and penetrating the relevant communities requires extensive trust. Many communities are invite only, so appropriate anonymization practices are required and, as you can imagine, threat actors are constantly on the lookout for “moles”. Building trust and respect takes time, so a third party that can do this is an essential part of a robust security posture to help navigate the murkier side of the web. Subsequently you’ll gain further contextual information that will help you to understand the bigger picture of a threat.
As the threats posed by cyber criminals continue to grow, you must simplify the noise of data to find the threat intelligence that is relevant and actionable for your organisation. That means disseminating the influx of information, analysing vast volumes of data in real time, and applying both machine and human intelligence to help prioritise malicious activity. You need a deliberate strategy that enables you to be the commander of cyber threats, no longer just mowing the lawns and trying to keep the bad guys out.
[1] Survey of 153 attendees, representing a range of industries, conducted by Anomali at InfoSecurity Europe, June 2017
 
Richard Betts, Head of International Financial Services at Anomali
