Use Threat Intelligence to Boost Mobile Security

Uploaded on 2015-07-13 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

GDH89tfyymSwo8ZluyB49A.jpg?

Security professionals are recommending that companies integrate threat intelligence, the real-time sharing of intelligence information about cyber security threats and malicious applications, with mobile device management platforms in order to improve mobile security.

The first step, according to Larry Whiteside, Jr., chief security officer of the Lower Colorado River Authority, is to make sure you’re getting the same level of log information from your enterprise mobility management (EMM)/mobile device management (MDM) provider as you would from your desktop security provider.

Bring threat intelligence feeds into your MDM system so you can use the intelligence about dangerous and malicious apps to upgrade your mobile threat defenses. That’s the recommendation of David Jevans, CEO, Chairman, and CTO of Marble Security, a provider of app security services. Often, you can bring in threat intelligence feeds to your MDM/EMM platform using an API from your MDM or threat intelligence platform provider, he says.
 “Threat intelligence can give an enterprise very quick intel into which apps should not be allowed on your network, and this can be done in a matter of hours inside an enterprise,” Jevans says. The idea is to get the data feed, correlate it with MDM and delete those apps immediately or notify those users.

Of course, things are a bit more complicated in Bring Your Own Device (BYOD) environments, but Jevans still recommends bringing your threat feeds into your MDM. However, he cautioned, that companies need to have management capabilities in place for BYOD in order to know what’s running on users' devices. That typically means deploying an agent to run on user devices that let you know what the device is running, so you can correlate the device to threat intelligence.

It’s important to note that there’s no such thing as mobile specific threat intelligence in the eyes of cyber security experts. Threat intelligence only makes sense when it’s applied across the entire infrastructure. 

Look at threat intelligence as more than just applying individual IP addresses and domains to individual transactions enterprises should look across the entire IT spectrum, including servers, databases and applications to see how mobile interactions are happening and apply threat intelligence to as broad a base as possible.

Threats against mobile devices are part of the larger threat landscape that enterprises face each day. Bringing together MDM/EMM with threat intelligence adds a cyber security over-watch to mobile security ensuring a more expedient response to rising mobile-centric cyber security threats.
Computerworld: http://bit.ly/1GgVUov

 

« Laptop Warriors: A British ‘Cyber Defence League’?
British PM Wants To Ban Encryption »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

Brinqa

Brinqa

Brinqa is a leading provider of unified risk management and security analytics.to manage IT governance and technology risk.

Fastpath Solutions

Fastpath Solutions

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

TEISS

TEISS

Teiss.co.uk is a website dedicated to providing information about cyber security. TEISS also provide a series of conferences and events focused on cyber security.

Flexential

Flexential

Flexential helps organizations optimize their journey of IT transformation while simultaneously balancing cost, scalability, compliance and security.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Wizlynx PTE LTD

Wizlynx PTE LTD

Wizlynx PTE LTD is the Singapore branch of Wizlynx Group located in Singapore, offering Information and Cyber Security Services throughout the entire Asia Pacific (APAC) region.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Secure Code Warrior

Secure Code Warrior

Secure your code from the start with gamified, scalable online secure coding training for software developers.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

Netacea

Netacea

Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

Intel 471

Intel 471

Intel 471 provides adversary and malware intelligence for leading intelligence, security and fraud teams.

Xcede

Xcede

Xcede are global technology recruitment specialists. We connect companies with exceptional professionals who empower growth.