The large array of mitigating solutions for cyber threats can often confuse even the most astute buyers. Buzz words like next-generation, machine learning and Artificial Intelligence tend to take the focus away from the fundamentals.
Today and beyond, the only certainties are death, taxes and cyber-attacks. The challenge, today and forever ahead, is clear. Wait! One more certainty? Regulations.
How do you build and maintain a cyber resilient, regulation ready (think GDPR) business?
A key area of focus must be threat intelligence. Let's cut to the chase:
- If it's not, threat-intel (short form TI) should be on your must-have-cybersecurity-product list.
- Investing in the wrong threat intelligence feed can be costly and even counter productive.
- The right kind of threat-intel can significantly increase your cybersecurity posture.
I spoke to Tushar Vartak, a leading Middle Eastern bank's CISO on how he sourced threat intelligence feeds and how he uses threat-intel to stay a step ahead of cyber criminals. It's available here.
Threat intelligence is not well understood and unsurprisingly, the market takes advantage and flogs painted paper as gold wafers. In this blog, I unravel some mysteries of threat-intel and cover the below key topics.
- Explain threat intelligence to anyone!
- The basics of threat-intel
- The Threat Intelligence Value Pyramid
- Applying Threat Intelligence
- Sourcing and key considerations
- Key Takeaways
- Useful links & more information
Who should read this?
- Management such as CIO, CISO, CRO, IT Directors and anyone in charge of reducing an organisation's cyber risk.
- If you are a CISSP, studying for the CISSP, CISM, CISA or if you are an IT or security engineer.
- Auditors and folks in the governance, risk and compliance domains will find this information insightful.
Threat Intelligence is a widely used term now. If you are a cybersecurity professional, you must be familiar with the term even if you don't fully understand the nuances. Threat intelligence plays a crucial role in today's cybersecurity defence apparatus and must be correctly understood by professionals working in the various domains of cybersecurity, especially those in security operations centres, dealing with SIEM like tools or those that work with incident response teams.
Cyber Management Alliances preferred IT security solutions and consultancy provider, Advanced Cyber Solutions, have been awarded the Ipswitch Partner of the Year for Northern Europe, in recognition of their unrivalled service in the region.
IT solutions provider Systematic have chosen Ipswitch MOVEit Transfer as their MFT (Managed File Transfer) solution, describing the offering as "ticking all the boxes" after evaluating other competing solutions.
Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge.
FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes.
Cyber criminals are always trying to find different ways to hack devices to make money.
Now they have another way. Called ‘jackpotting’, hacks attacks ATM machines; but to do this, physical access to the dispensing device is needed in order to empty it of all its cash.
Another day, another data breach. This time with MyFitnessPal, a nutrition tracking app that was acquired for US$475million by Under Armour Inc.
Facts (may change) As result of a cybersecurity breach, close to 150 million accounts (yes, it's a massive data breach) have been compromised. Attribution of the malicious actors behind this incident is unknown.
At best, Under Armour has been sloppy and lazy in responding to this breach. I talk about the following in my opinion piece.
Is the board listening? We all know that GDPR will be enforced from 25th May 2018, but is your board aware of their new privacy obligations? While there is substantial GDPR coverage in the technical press, has the message got through to senior management? Are their preparations adequate?
The FBI estimates that between the years of 2013 and 2017, US businesses were victim to loses of over 5bn USD from phishing attacks alone. It is no surprise then that phishing simulation tools and anti-phishing solutions are popular for businesses and organisations who wish to get ahead of the problem.
After facing major and publicly embarrassing data breach in 2017, Doncaster & Bassetlaw Hospitals NHS Foundation Trust has chosen wisely in Shieldox as their GDPR readiness solution in document security. Providing both document encryption, access control and tracking in both the cloud and on the desktop, Shieldox has given much needed peace-of-mind to Robin Smith, the IT security manager for Doncaster & Bassetlaw Hospitals NHS Foundation Trust.
There is no shortage of information about the GDPR out there, from the six core principles to data subjects rights to the lawful basis for processing, there is a dizzy number of changes an organisation may need to implement. Solution selling on the back of the GDPR message is a sore subject for many and for good reason. The gold mine that is the GDPR is a marketers dream gone wrong.
The GDPR (General Data Protection Regulation) is a complex beast at best, with some estimates as low as 15% of organisations being ready for May 25th. Questions and challenges are swirling around various board and meeting rooms regarding how to respond to subject access requests, how long do we retain personal data and what legal basis they have for processing...and that is just the tip of the iceberg.
