Information Security Forum Launches - Threat Intelligence Report

Uploaded on 2017-06-27 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The Information Security Forum (ISF), the world's leading, independent authority on cyber security and information risk management, recently released Threat Intelligence: React and Prepare, the organisation's latest report which equips organisations to gain value from threat intelligence by implementing the ISF Approach for Managing a Threat Intelligence Capability. 

Since its inception, threat intelligence has been growing in prominence. 

Most organisations have considered building a threat intelligence capability, however, many question the potential value. The answer lies in understanding how threat intelligence is produced and its content.

"While organisations continue to rely on well-established security practices, many are seeking additional ways to keep pace with the increasing torrent of attacks," said Steve Durbin, Managing Director, ISF. "To efficiently manage cyber risks, organisations must build an accurate view of the threats they face, their capabilities, intentions and actions, and respond accordingly. 

“Many organisations are looking to threat intelligence for this view of their adversaries, but often find it to be ill-defined, costly to buy or produce, and difficult to integrate into decision making. This leads to a failure to deliver the expected business aims."

Threat intelligence is information about past, present and predicted attacks against an organisation from adversarial threats and is produced through analysis of available information. 

This insight supports information security professionals to make better decisions when managing cyber risk and enables actions that prepare the organization to not only react to today's threats, but also prepare for the future. In today's climate of insecurity, threat intelligence is fast becoming a crucial tool which delivers advantage over adversaries and competitors.

However, ISF research has found that threat intelligence is failing to deliver on its promise. While 82% of ISF Members surveyed have a threat intelligence capability, with the remaining 18% planning to implement one in the next twelve months, only 25% of those surveyed believe their capability is fully delivering the expected business objectives. 

Threat Intelligence: React and Prepare addresses the five common problems that cause this failure and explains how to build and manage a threat intelligence capability which delivers palpable value. Only once these actions have been taken will threat intelligence deliver on its promised value, supporting those business goals which so often remain unfulfilled.

"While threat intelligence seldom leads to control over adversaries, it enables the organisation to make more informed decisions in the areas it does control, the vulnerabilities and associated business impact," continued Durbin. "To ensure threat intelligence delivers value, we recommend that organisations use the ISF Approach for Managing a Threat Intelligence Capability, which provides the ISF definition for threat intelligence, reinforced by three key concepts: the production, content and use of threat intelligence. 

“The ISF Approach for Managing a Threat Intelligence Capability uses the intelligence cycle to produce threat intelligence which meets the requirements to inform decisions and enable actions. It also addresses a number of practical considerations which affect the management of a threat intelligence capability." 

Organisations must prepare themselves for unprecedented levels of collaboration to counter threats. Innovations such as machine learning, big data and predictive analytics are already being explored by leading organisations to transform threat intelligence capabilities. 

The ISF Approach for Managing a Threat Intelligence Capability explains the concepts of effective threat intelligence and how they can be achieved using the intelligence cycle. Requirements-driven and skillfully produced through analysis, threat intelligence harnesses the expertise and experience of others to provide insight into past, present and predicted attacks against an organisation. 

Threat Intelligence: React and Prepare is aimed at senior business executives, up to and including board level, who are considering, planning, building or operating a threat intelligence capability. 

Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organisations from around the world. The organisation is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members.

ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organizations and developed through an extensive research and work program. The ISF provides a confidential forum and framework, which ensures that Members adopt leading-edge information security strategies and solutions.

By working together, ISF Members avoid the major expenditure required to reach the same goals on their own. Consultancy services are available and provide ISF Members and Non-Members with the opportunity to purchase short-term, professional support activities to supplement the implementation of ISF products.

PR Log:

You Might Also Read:

Getting Threat Intelligence Right:

How To Integrate Threat Intelligence:

Threat Intelligence Starter Resources:

 

« UK Fraud Hotspots Revealed
IoT Will Change (Almost) Everything In Cybersecurity »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

FlashRouters

FlashRouters

FlashRouters offers DD-WRT compatible router models with improved performance, privacy/security options, and advanced functionality.

National Cyber Directorate Israel

National Cyber Directorate Israel

The Israeli National Cyber Directorate provides incident handling services for civilian entities and critical infrastructures and works to increase national resilience against cyber threats.

AhnLab

AhnLab

AhnLab provides a range of information security solutions including network security, endpoint security, antivirus and consulting services.

KPN Security

KPN Security

KPN Security is the largest and most complete provider of IT security services in the Netherlands.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

PSW Group

PSW Group

PSW Group is a full-service Internet solutions provider with a special focus on Internet security.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

ISECURION Technology & Consulting

ISECURION Technology & Consulting

ISECURION is an information security consulting company. We provide a unique blend of services to our customers catering to the current information security landscape.

SecurityStudio

SecurityStudio

SecurityStudio is a continuous cybersecurity risk management platform that allows decision-makers to quickly identify the most immediate threats and make confident risk informed decisions.

Access Talent Today

Access Talent Today

Access Talent Today is an AI/ML and cyber security talent provider.

SECTA5

SECTA5

SECTA5 is a cybersecurity company building a next-generation Continuous Threat and Exposure Management platform, leveraging the expertise of offensively trained cyber defenders.

Digital & Intelligence Service (DIS)

Digital & Intelligence Service (DIS)

DIS is the fourth Service of the SAF, here to defend and dominate in the digital domain, and achieve peace and security for our land.

Dream

Dream

Dream is developing an AI platform that enables cyber resilience and protects nations from hostile nation-states cyber attacks.