Threat Intelligence Is a Two-Way Street

Uploaded on 2015-04-23 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

Intelligence analysis should be looked upon as less of a service and more of a partnership.

In the wake of public breaches of large enterprises, organizations are quickly realizing the need to develop cybersecurity strategies that include developing or acquiring technical and analytical solutions to support network defenders and decision makers alike. As a result, there has been a noticeable boon in the global cybersecurity industry, which is expected to grow to $155.7 billion by 2019, according to a report from Cybersecurity Ventures, a world market research organization.

One capability being offered by many of these cybersecurity companies is Cyberthreat intelligence, which usually encompasses a fusion of technical and threat analysis. Vendors promote their analytic capabilities to deliver accurate, timely threat information in order to provide advanced warning or decision-making advantage to their customers.
However, one challenge that all private security companies have in this space is getting the proper guidance and information from customers, which could be used to improve and focus analysis. An intelligence production cycle will typically have these components, though some organizations may have an added or subtracted step:

During the setting-requirements phase is when a customer will engage with an intelligence unit to identify and determine the issues that need to be covered and shape any intelligence requirements that need to be addressed. Granted, there are those occasions when customers may not know exactly what they want or don’t know how to communicate it via their intelligence requirements. At these times, it is incumbent upon intelligence analysts to help educate and inform customers about the potential pitfalls that may result if requirements are not more advantageously scoped.

This is a critical stage of the process because if questions are not properly scoped and prioritized, collection strategies will be impacted, and the finished intelligence product may not be responsive or may be too vague to be useful. Time invested up front in setting prioritized focused requirements will prevent this from happening.

This is particularly important with cyber-intelligence because organizations can provide information unique to their particular environment and receive indicators and intelligence that help shape their cybersecurity postures. Indeed, Carnegie Mellon’s Software Engineering Institute (SEI) echoes this sentiment in a January 2013 report reviewing how private companies conduct cyber-intelligence. SEI’s key findings cited scoping the cyber-environment to an organization’s mission as one of its recommended best practices for the cyber-intelligence industry.

Ultimately, intelligence analysis should be looked upon as less of a service and more of a partnership whose success relies on the full commitment and engagement of both intelligence producer and intelligence consumer. Organizations that adopt the intelligence cycle into their business practices will find that the more they provide to the process, the more they will receive. Sharing pertinent data such as technical data collected from hostile activity transpiring against networks, and providing advanced notice of business activities, will help focus analytic efforts on the most pertinent cyberthreats against the enterprise. In turn, this information can contribute to the larger community via threat indicators, thereby strengthening the greater collective’s cybersecurity efforts. 

Dark Reading:  

« Leading Belgian Newspaper Hit by Cyber Attack
Gang Warfare: Hacking Groups Clash In Cyberspace »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Fortify Experts

Fortify Experts

Fortify Experts is a search and recruitment firm specializing in Cyber Security.

Institute for Critical Infrastructure Technology (ICIT)

Institute for Critical Infrastructure Technology (ICIT)

ICIT is a leading cybersecurity think tank providing objective research, advisory, and education to legislative, commercial, and public-sector cybersecurity stakeholders.

Lawley Insurance

Lawley Insurance

Lawley is a full-service, independent insurance agency. Specialty insurance products include Cyber Security.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

Cyber Dacians

Cyber Dacians

Cyber Dacians offers Information and Cyber Security Consulting Services. We help you to test the effectiveness of your security defenses and build a secure infrastructure.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

Numen Cyber Technology

Numen Cyber Technology

Numen Cyber Technology is committed to becoming a Threat Discovery and Response expert for corporate customers.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

ThreatNG Security

ThreatNG Security

ThreatNG is redefining external attack surface management (EASM) and digital risk protection with a platform of unmatched breadth, depth, and capabilities in thwarting technical and business threats.

Kralos

Kralos

Kralos are an experienced team of Software and IT experts, specialized in the development of innovative cybersecurity solutions.

Prequel

Prequel

Prequel is your real-time problem detection and resolution platform, powered by the global reliability community.

CallCabinet

CallCabinet

CallCabinet is the premier cross-platform SaaS provider for end-to-end compliant call recording, AI-driven conversation analytics, call QA, and custom business intelligence reporting.

Auraya

Auraya

Auraya develops its next generation voice biometric AI to deliver easy-to-use and highly secure speaker recognition and fraud detection capabilities.