How Effective Is Your Threat Intelligence?

Threat intelligence is information an organisation uses to understand the threats that have, will, or are currently targeting the organisation. This information is used to prepare, prevent, and identify cyber threats looking to take advantage of valuable resources. 

Threat intelligence solutions gather raw data about emerging or existing threat actors and threats from a number of sources. This data is then analysed and filtered to produce threat intel feeds and management reports that contain information that can be used by automated security control solutions. The primary purpose of this type of security is to keep organisations informed of the risks they face. 

Digital technologies lie at the heart of nearly every industry today. The automation and greater interconnection they offer have revolutionised the world’s economic and cultural institutions, but they’ve also brought risk in the form of cyber attacks. 
Threat intelligence is knowledge that allows you to prevent or mitigate those attacks. Rooted in data, threat intelligence provides context, like who is attacking you, what their motivation and capabilities are, and what indicators of compromise in your systems to look for, that helps you make informed decisions about your security.

The accreditation and certification body for the technical security industry CREST  has developed a new maturity assessment tool for Cyber Threat Intelligence (CTI) programmes. 

The licence-free tool will help organisations to predict, prepare for, detect and respond to potential attacks through more effective CTI programmes. This new Cyber Threat Intelligence Maturity Assessment Tool provides continuous and effective analysis of a CTI programme in terms of people, processes and technology and supports the adoption of a systematic, structured approach to intelligence gathering.  Development of the CREST tool was led by the CTIPs (CREST Threat Intelligence Professionals) group with support of its members, industry bodies and suppliers of expert technical security services. 

It is based on the 18 steps within the four-phase CTI capability programme presented in the CREST CTI Management Guide.
As different private and public sector organisations require different levels of CTI maturity, the CREST tool reviews maturity against actual requirements and compares it with other similar organisations. 

While organisations with a mature CTI programme may manage most of their operations in-house, those who are less mature may depend entirely on third parties.

A weighting factor can be set to give the results for particular steps more importance than others. The selected levels of maturity are displayed graphically for each of the four phases and overall, with calculations that take account of both the level of maturity selected for each step and the given weighting. “For many companies and organisations, threat intelligence is a relatively new but increasingly essential tool in the battle against cybercrime... So, it is vital that those responsible for CTI programmes can measure the maturity and effectiveness of their programmes against standardised metrics relevant to both their business and the level of threat." said Ian Glover, president of CREST.

The best solutions use machine learning to automate data collection and processing, integrate with your existing solutions, take in unstructured data from disparate sources, and then connect the dots by providing context on indicators of compromise (IoCs) and the tactics, techniques, and procedures (TTPs) of threat actors. 

Many of the most common third-party risk management practices employed today are lagging behind security requirements. Static assessments of risk, like financial audits and security certificate verifications, are still important, but they often lack context and aren’t always timely. There’s a need for a solution that offers real-time context on the actual threat landscape.

Threat intelligence is one way to do just that. It can provide transparency into the threat environments of the third parties you work with, providing real-time alerts on threats and changes to their risks and giving you the context you need to evaluate your relationships.

For more information and advice on undertaking a Cyber Audit contact Cyber Security Intelligence.

Information Security Buzz:     Recorded Future:    ForcePoint

You Might Also Read: 

Redefining OSINT To Win The Cybercrime War:

The Scope Of A Cyber Security Audit:

 

 

 

 

« Covid-19 Virus Impacts Home Working
Fronton: A Secret Russian Tool To Shut Down The Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Global Secure Solutions (GSS)

Global Secure Solutions (GSS)

Global Secure Solutions is an IT security and risk consulting firm and authorised ISO training partner for the PECB.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

ZyberSafe

ZyberSafe

ZyberSafe is an innovative Danish company specialized within building hardware encryption solutions.

Boldon James

Boldon James

Boldon James are market leaders in data classification and secure messaging software.

H3C Group

H3C Group

H3C provides a full range of Computer, Storage, Networking and Security solutions.

Sysdig

Sysdig

With Sysdig teams find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions and compliance.

EVOLEO Technologies

EVOLEO Technologies

EVOLEO provides engineering services covering a wide range of needs in the electronics design, embedded and systems engineering.

ColorTokens

ColorTokens

ColorTokens Xtended ZeroTrust Platform protects from the inside out with unified visibility, micro-segmentation, zero-trust network access, cloud workload and endpoint protection.

Infosequre

Infosequre

Infosequre builds up your security awareness culture and turns your employees into the first line of defense against cyber risks.

Phakamo Tech

Phakamo Tech

Phakamo Tech offers a full set of governance, risk, compliance, cybersecurity and Microsoft Cloud services that include consulting, planning, implementation and cyber incident response.

ZINAD IT

ZINAD IT

ZINAD is an information security company offering state-of-the-art cybersecurity awareness products, solutions and services.

ASPIA InfoTech

ASPIA InfoTech

ASPIA Infotech is a leading Information and cybersecurity organization focused on innovative approaches to avert targeted attacks.

Nokod Security

Nokod Security

Nokod Security delivers an application security platform for low-code / no-code custom applications and Robotic Process Automation (RPA).

ITButler e-Services

ITButler e-Services

At IT Butler, our mission is crystal clear: we are dedicated to providing top-tier cybersecurity solutions and best-practice methodologies to secure and enhance your digital infrastructure’s resilienc

rThreat

rThreat

rThreat is a cloud-based SaaS solution that challenges your cyber defenses using real-world and custom threats in a secure environment, ensuring your readiness for attacks.