AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Webroot partner portal8/17/2023 ![]() ![]() I can also make better use of limited resources by focusing them on immature issues of high risk, and I can use CTI to educate my executive staff and provide context into our current risk baseline and the adversaries that may look to interrupt our operations. Through the use of CTI I can train my staff on incident response that pertains to our infrastructure, services and applications portfolio. I look at it as a security control enhancement. What role does Cyber Threat Intelligence play in an organization’s security function? Without using CTI, you expend more resources and time and you will miss issues that will leave your organization exposed to business impacting risk. I would say it is, to me the use of CTI is a mature process that assists CISOs and security teams to better deploy their security controls and prioritize which specific deficiencies should be mitigated first. Cyber threat protection is a tactic, is threat intelligence a tactic, too? This would be a service they may contract for through their MSP or MSSP. Now, to answer the question about if companies are equipped to make the data actionable and apply it, I would say many of the SMBs are not, they are trying to do basic hygiene, and this would be a more mature security control for them. ![]() ![]() In essence, it is no longer a broad swath of data but a finely-tuned stream that can be specific for your organization. It is data that can be actionable and applied to technologies and issues that your organization may have. With the rise of cloud and being able to leverage it for cheap computing and storage- and then coupled with AI and ML-you can now do deep data analytics and trend analysis in almost real time which has made threat intelligence real and contextual. Over the last five years as artificial intelligence (AI) and machine learning (ML) have matured as core components for different security products what you have seen is a shift from just blacklisting IP addresses to blacklisting the behavior of packets while they are live in transit on the wire. How has cyber threat intelligence evolved over the last five years? It is the CISO’s responsibility to understand these concerns, have visibility into the risk they place on the company and through the use of strategic services, such as CTI, prioritize what needs to be remediated first. These deficiencies are basically vulnerabilities, targeted for a unique exploitation and as I am sure many of you know, every organization and its networks have deficiencies.
0 Comments
Read More
Leave a Reply. |