Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 2 December, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The cyber intelligence landscape is evolving

by The Gurus
April 27, 2018
in This Week's Gurus
Share on FacebookShare on Twitter

Written by Kristofer Mansson, CEO, Silobreaker

Driven by digital innovation, business operations have undergone a fundamental transformation over the past decade. And as businesses have moved forward, the fundamentals of cybersecurity have followed behind: What are the weak points in my security strategy? Who are the main threats to my operations? Where am I at risk of compromise? As the shift to a digital marketplace has gathered speed, so has the potential for exposure and the price of failing to secure key assets. The Internet of Things (IoT) is of particular concern in this sense, as it threatens to broaden attack surfaces across the board, especially in the industrial space.

Despite an ever-evolving threat landscape, many organisations remain fundamentally reactive, responding at the point of compromise rather than leveraging real-time intelligence to profile threats as they develop. This is unsustainable. By 2020 it is expected that 25% of cyberattacks will target IoT devices, many of which will be deployed across critical industrial environments. Data breaches have also increased year on year, and the total cost of cybercrime is set to exceed £4.2 trillion per annum by 2021. The time has come for the old approach to change. The requisite experience, knowledge and solutions now exist for cyber threat intelligence to ‘change the game’.  Here’s how:

Shift the mindset and expand the viewpoint

The first step is to switch from a reactive stance to a proactive approach. Playing catch-up is always a sub-optimal outcome, not least because it leaves barely any resources for planning, meaning that the next big problem is often a surprise. To build on an existing security posture it’s vital to stay up-to-date, profile potential threats and evolve processes and strategies pre-emptively. While cyber vendors are often questioned and tested on their ability to deliver ‘actionable intelligence’, the reality is that many organisations don’t have any processes in place to action intelligence. Evolving intelligence needs cannot be met by the important but insufficient practice of simply adding malicious IP-addresses and other indicators of compromise to a SIEM-system or a TIP.  The need for a more holistic approach to threat intelligence, beyond the technical parameters, is widely accepted, yet the traditional IT security industry is struggling to meet demand because they have hardly any experience speaking to the “why?” behind an attack. Finding unstructured insights in social media, paste sites, forums and similar sources from both the surface web and deep/dark web requires companies to turn to different intelligence solutions that are complementary to their existing threat intelligence tools.

Use the data that’s there

Excluding certain, specialised sources, access to data has never been easier. From a security perspective this is both a good thing and a serious concern. An openly available report on a vulnerability today could be leveraged to create the exploit of choice tomorrow, while a single, misplaced password or private key can lead to a devastating breach and huge losses. There is, however, also great potential for spotting emergent threats and transcending the catch-up game that consumes the time of analysts and researchers. The key is to recognise that intelligence is as likely to come from soft data as it is from structured threat information. Making the most of open sources involves processing the data, understanding its relevance to a certain use-case, and then acting on those findings before others do.

Support human analysis with automation

A 2018 SANS survey on the use of cyber threat intelligence noted that, as expected, most organisations are using a wide variety of external data sources, including public feeds, information sharing groups and security vendor reporting. More and more organisations are also recognising that broad attacker trends (76%) and information on vulnerability exploitation (79%) are essential for maintaining situational awareness. However, much of the analysis and intelligence ‘fusion’ taking place is still done manually, with a shortage of skills acting as a major impediment to properly utilising cyber threat intelligence. IOC feeds aren’t enough anymore; if problem is context, the solution is people, and automation, because collecting, processing and reporting on the amount of data in question is simply not human-scalable. Especially when it needs to be done at pace. Furthermore, not all organisations are looking for the same kind of intelligence. In our modern, interconnected world, cybersecurity concerns blend seamlessly into reputational risk and physical security. With no one-size-fits all solution, customisability is king and analysts need a tool that allows them to decide what kind of intelligence will enhance and protect their businesses.

This is what we mean by “changing the game”; altering an existing approach, based on appropriate investment in available technology and utilisation of existing resources. Intelligence platforms do the heavy lifting required to process, slice and visualise massive quantities of data in short order, allowing analysts to create contextually relevant and timely intelligence on a case-by-case basis. The truth is that cyber threats cannot be eliminated – but they can be mitigated, provided that the information is out there, and someone is looking.

FacebookTweetLinkedIn
Tags: Cybercyber intelligenceCyber Securitycybersecuritythreat landscape
ShareTweet
Previous Post

Department for Work and Pensions to spend £15m on GDPR

Next Post

Cybersecurity strategies neglected in wake of the boardroom’s quest for digital

Recent News

Google bins inactive accounts

Google bins inactive accounts

December 1, 2023
Laptop, phone, hands

40% of Cybersecurity Departments Want More Budget to Upskill Employees

November 24, 2023
AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

November 24, 2023
Half of Cybersecurity Professionals Kept Awake By Workload Worries

Half of Cybersecurity Professionals Kept Awake By Workload Worries

November 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information