How Effective Is Your Threat Intelligence?

Uploaded on 2020-03-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Threat intelligence is information an organisation uses to understand the threats that have, will, or are currently targeting the organisation. This information is used to prepare, prevent, and identify cyber threats looking to take advantage of valuable resources. 

Threat intelligence solutions gather raw data about emerging or existing threat actors and threats from a number of sources. This data is then analysed and filtered to produce threat intel feeds and management reports that contain information that can be used by automated security control solutions. The primary purpose of this type of security is to keep organisations informed of the risks they face. 

Digital technologies lie at the heart of nearly every industry today. The automation and greater interconnection they offer have revolutionised the world’s economic and cultural institutions, but they’ve also brought risk in the form of cyber attacks. 
Threat intelligence is knowledge that allows you to prevent or mitigate those attacks. Rooted in data, threat intelligence provides context, like who is attacking you, what their motivation and capabilities are, and what indicators of compromise in your systems to look for, that helps you make informed decisions about your security.

The accreditation and certification body for the technical security industry CREST  has developed a new maturity assessment tool for Cyber Threat Intelligence (CTI) programmes. 

The licence-free tool will help organisations to predict, prepare for, detect and respond to potential attacks through more effective CTI programmes. This new Cyber Threat Intelligence Maturity Assessment Tool provides continuous and effective analysis of a CTI programme in terms of people, processes and technology and supports the adoption of a systematic, structured approach to intelligence gathering.  Development of the CREST tool was led by the CTIPs (CREST Threat Intelligence Professionals) group with support of its members, industry bodies and suppliers of expert technical security services. 

It is based on the 18 steps within the four-phase CTI capability programme presented in the CREST CTI Management Guide.
As different private and public sector organisations require different levels of CTI maturity, the CREST tool reviews maturity against actual requirements and compares it with other similar organisations. 

While organisations with a mature CTI programme may manage most of their operations in-house, those who are less mature may depend entirely on third parties.

A weighting factor can be set to give the results for particular steps more importance than others. The selected levels of maturity are displayed graphically for each of the four phases and overall, with calculations that take account of both the level of maturity selected for each step and the given weighting. “For many companies and organisations, threat intelligence is a relatively new but increasingly essential tool in the battle against cybercrime... So, it is vital that those responsible for CTI programmes can measure the maturity and effectiveness of their programmes against standardised metrics relevant to both their business and the level of threat." said Ian Glover, president of CREST.

The best solutions use machine learning to automate data collection and processing, integrate with your existing solutions, take in unstructured data from disparate sources, and then connect the dots by providing context on indicators of compromise (IoCs) and the tactics, techniques, and procedures (TTPs) of threat actors. 

Many of the most common third-party risk management practices employed today are lagging behind security requirements. Static assessments of risk, like financial audits and security certificate verifications, are still important, but they often lack context and aren’t always timely. There’s a need for a solution that offers real-time context on the actual threat landscape.

Threat intelligence is one way to do just that. It can provide transparency into the threat environments of the third parties you work with, providing real-time alerts on threats and changes to their risks and giving you the context you need to evaluate your relationships.

For more information and advice on undertaking a Cyber Audit contact Cyber Security Intelligence.

Information Security Buzz:     Recorded Future:    ForcePoint

You Might Also Read: 

Redefining OSINT To Win The Cybercrime War:

The Scope Of A Cyber Security Audit:

 

 

 

 

« Covid-19 Virus Impacts Home Working
Fronton: A Secret Russian Tool To Shut Down The Internet »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Packet Ninjas

Packet Ninjas

Packet Ninjas is a niche cyber security agency with specialized expertise in the use of digital intelligence to strengthen cyber security.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

Navaio IT Security

Navaio IT Security

Navaio helps clients with IT Security related challenges with a primary focus on Identity and Access Management, Data Governance, User Awareness and Cyber Resilience Services.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

AiCULUS

AiCULUS

AiCULUS is a global technology company that specializes in API security and Risk Management products.

Quantum Armor

Quantum Armor

Quantum Armor is a next-gen cyber security monitoring platform that allows you to continuously stay aware of your security posture, and proactively spot trends, vulnerabilities and potential attacks.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Zenity

Zenity

Zenity is the first and only security governance platform for low-code/no-code applications.

Aembit

Aembit

Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads

All About Cookies

All About Cookies

All About Cookies is an informational website that provides tips, advice, and recommendations to help you with Online Privacy, Identity Theft Prevention, Antivirus Protection, and Digital Security.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.