How Effective Is Your Threat Intelligence?

Uploaded on 2020-03-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Threat intelligence is information an organisation uses to understand the threats that have, will, or are currently targeting the organisation. This information is used to prepare, prevent, and identify cyber threats looking to take advantage of valuable resources. 

Threat intelligence solutions gather raw data about emerging or existing threat actors and threats from a number of sources. This data is then analysed and filtered to produce threat intel feeds and management reports that contain information that can be used by automated security control solutions. The primary purpose of this type of security is to keep organisations informed of the risks they face. 

Digital technologies lie at the heart of nearly every industry today. The automation and greater interconnection they offer have revolutionised the world’s economic and cultural institutions, but they’ve also brought risk in the form of cyber attacks. 
Threat intelligence is knowledge that allows you to prevent or mitigate those attacks. Rooted in data, threat intelligence provides context, like who is attacking you, what their motivation and capabilities are, and what indicators of compromise in your systems to look for, that helps you make informed decisions about your security.

The accreditation and certification body for the technical security industry CREST  has developed a new maturity assessment tool for Cyber Threat Intelligence (CTI) programmes. 

The licence-free tool will help organisations to predict, prepare for, detect and respond to potential attacks through more effective CTI programmes. This new Cyber Threat Intelligence Maturity Assessment Tool provides continuous and effective analysis of a CTI programme in terms of people, processes and technology and supports the adoption of a systematic, structured approach to intelligence gathering.  Development of the CREST tool was led by the CTIPs (CREST Threat Intelligence Professionals) group with support of its members, industry bodies and suppliers of expert technical security services. 

It is based on the 18 steps within the four-phase CTI capability programme presented in the CREST CTI Management Guide.
As different private and public sector organisations require different levels of CTI maturity, the CREST tool reviews maturity against actual requirements and compares it with other similar organisations. 

While organisations with a mature CTI programme may manage most of their operations in-house, those who are less mature may depend entirely on third parties.

A weighting factor can be set to give the results for particular steps more importance than others. The selected levels of maturity are displayed graphically for each of the four phases and overall, with calculations that take account of both the level of maturity selected for each step and the given weighting. “For many companies and organisations, threat intelligence is a relatively new but increasingly essential tool in the battle against cybercrime... So, it is vital that those responsible for CTI programmes can measure the maturity and effectiveness of their programmes against standardised metrics relevant to both their business and the level of threat." said Ian Glover, president of CREST.

The best solutions use machine learning to automate data collection and processing, integrate with your existing solutions, take in unstructured data from disparate sources, and then connect the dots by providing context on indicators of compromise (IoCs) and the tactics, techniques, and procedures (TTPs) of threat actors. 

Many of the most common third-party risk management practices employed today are lagging behind security requirements. Static assessments of risk, like financial audits and security certificate verifications, are still important, but they often lack context and aren’t always timely. There’s a need for a solution that offers real-time context on the actual threat landscape.

Threat intelligence is one way to do just that. It can provide transparency into the threat environments of the third parties you work with, providing real-time alerts on threats and changes to their risks and giving you the context you need to evaluate your relationships.

For more information and advice on undertaking a Cyber Audit contact Cyber Security Intelligence.

Information Security Buzz:     Recorded Future:    ForcePoint

You Might Also Read: 

Redefining OSINT To Win The Cybercrime War:

The Scope Of A Cyber Security Audit:

 

 

 

 

« Covid-19 Virus Impacts Home Working
Fronton: A Secret Russian Tool To Shut Down The Internet »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

Karlsruhe Institute of Technology (KIT)

Karlsruhe Institute of Technology (KIT)

KIT is a leading research and education institutions with strong capabilities in information systems and security.

IQ Solutions

IQ Solutions

IQ Solutions is a Digital Integrator and an ICT Services Provider, focusing on innovative Cyber Secured ICT managed solutions tailored to the needs of the Maritime Industry.

FoxGuard Solutions

FoxGuard Solutions

FoxGuard Solutions develops customized cyber security, compliance and industrial computing solutions for critical infrastructure entities and control system vendors.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

FileWave

FileWave

FileWave offers a single solution for managing apps, devices, and more for Mac, Windows, and mobile devices.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Defendify

Defendify

We built Defendify to help small businesses navigate the cybersecurity landscape with cybersecurity that is dead simple, affordable, and works around the clock.

Blu Venture Investors (BVI)

Blu Venture Investors (BVI)

Blu Venture Investors is a venture capital firm that supports early stage companies with a focus on technology in diverse domains including cybersecurity, IoT, defense and homeland security.

Yellow Brand Protection

Yellow Brand Protection

Yellow Brand Protection operates 24/7 to protect brands' Intellectual Property (IP) from infringements on all kinds of online distribution channels.

Aristi Labs

Aristi Labs

Aristi Labs provides comprehensive security solutions to help businesses protect data and intellectual property, minimizing downtime and maximizing productivity.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

SolidityScan

SolidityScan

SolidityScan is an advanced smart contract scanning tool designed to uncover vulnerabilities and proactively address risks within your code.

Advanced IT

Advanced IT

Reliable managed IT Security & support services that will help you take your business operations to the next level without breaking the bank!