In the ever-shifting landscape of cyberthreats and attacks, having access to timely information and intelligence is vital and can make a big difference in protecting organizations and firms against data breaches and security incidents.
Malicious actors are getting organized, growing smarter and becoming more sophisticated, which effectively makes traditional defense methods and tools significantly less effective in dealing with new threats constantly appearing on the horizon.
There’s still a long way to go, but the inroads made are already showing promising signs.
One solution to this seemingly unsolvable problem is the sharing of threat intelligence in order to raise awareness and sound the alarm about new attacks and data breaches as they happen. This way we can avoid major security incidents from recurring and prevent emerging threats from claiming more victims.
Threat intelligence sharing has risen in prominence, giving birth to initiatives such as theCyber Threat Alliance, a conglomeration of security solution vendors and researchers that have joined forces to collectively share information and protect their customers. We’ve also seen government-led efforts, such as the Cybersecurity Information Sharing Act (CISA), which is meant to ease the way for businesses to join the threat information sharing movement.
The evolution of cyberthreat intelligence sharing is culminating in the development of platforms and standards that help organizations gather, organize, share and identify sources of threat intelligence. Cyberthreat intelligence is also shortening the useful lives of attacks and is putting a heavier burden on attackers who want to stay in business.
There’s still a long way to go, but the inroads made are already showing promising signs.
Information gleaned from internal networks and virus definition repositories can serve as sources of threat intelligence, but much more needs to be done to deal with the constant stream of malicious IPs and domains, hacked and hijacked websites, infected files and phishing campaigns that are being spotted on the Internet.
“Today’s cyber threat landscape is polymorphic in nature — constantly changing and making it nearly impossible to detect with traditional security approaches,” says Grayson Milbourne, Security Intelligence Director at cybersecurity firm Webroot. The company’s 2016 Threat Brief has found that 97 percent of 2015’s malware have been seen on a single endpoint, and more than 100,000 new malicious IP addresses are launched every day.
“Given the evolution of malicious code and constantly changing environments, it’s critical that security controls adapt quickly and dependably,” Milbourne says, and he underlines the need to stay ahead of current threats and be able to predict future attacks, which can be achieved through the use of a collective threat intelligence ecosystem.
Creative connections between ideas engage readers, but make sure to connect the dots.
Linking to other bloggers gives you more authority and builds community.
Blog posts can have a story arc too.
Emotion is a powerful motivator. Are you using thinking words or feeling words?