The Information Security Forum (ISF), the world’s leading, independent authority on cyber security and information risk management, has released Threat Intelligence: React and Prepare, the organization’s latest report which equips organizations to gain value from threat intelligence by implementing the ISF Approach for Managing a Threat Intelligence Capability.
Since its inception, threat intelligence has been growing in prominence.
Most organizations have considered building a threat intelligence capability, however, many question the potential value. The answer lies in understanding how threat intelligence is produced, its content and how it can be used.
“While organizations continue to rely on well-established security practices, many are seeking additional ways to keep pace with the increasing torrent of attacks,” said Steve Durbin, Managing Director, ISF.
“To efficiently manage cyber risks, organizations must build an accurate view of the threats they face – their capabilities, intentions and actions – and respond accordingly.”
“Many organizations are looking to threat intelligence for this view of their adversaries, but often find it to be ill-defined, costly to buy or produce, and difficult to integrate into decision making. This leads to a failure to deliver the expected business aims.”
Threat intelligence is information about past, present and predicted attacks against an organization from adversarial threats.
This is produced through analysis of available information to inform decisions and actions.
Threat intelligence informs information security professionals how to make decisions to manage cyber risks and enables actions that prepare the organization, not only to react to today’s threats, but also prepare for the future.
(In his world travels, Steve Durbin of the Information Security Forum sees the global cybersecurity industry coming of age. But he also sees the steady maturation of cybercriminals and their schemes. How can organizations best counter the changing threat landscape? Courtesy of Information Security Forum and YouTube)
In today’s climate of insecurity, threat intelligence is fast becoming a crucial tool that is enabling actions which deliver advantages over adversaries and competitors alike.
However, ISF research has found that threat intelligence is failing to deliver on its promise.
While 82% of ISF Members surveyed have a threat intelligence capability, with the remaining 18% planning to implement one in the next twelve months, only 25% of those surveyed believe their capability is fully delivering the expected business objectives.
Threat Intelligence: React and Prepare addresses the five common problems that cause this failure and explains how to build and manage a threat intelligence capability which delivers palpable value.
Only once these actions have been taken will threat intelligence deliver on its promised value, supporting those business goals which so often remain unfulfilled.
“While threat intelligence seldom leads to control over adversaries, it enables the organization to make more informed decisions in the areas it does control, the vulnerabilities and associated business impact,” continued Durbin.
“To ensure threat intelligence delivers value, we recommend that organizations use the ISF Approach for Managing a Threat Intelligence Capability, which provides the ISF definition for threat intelligence, reinforced by three key concepts: the production, content and use of threat intelligence.”
“The ISF Approach for Managing a Threat Intelligence Capability uses the intelligence cycle to produce threat intelligence which meets the requirements to inform decisions and enable actions.”
“It also addresses a number of practical considerations which affect the management of a threat intelligence capability.”
Steve Durbin, Managing Director ISF, offers solutions for C-suite leaders, should their critical infrastructure come under attack and advises how a reliance on older technology can assist an organisation through an internet attack. Fundamentally, whilst the future is becoming more and more digitised, organisations need to be planning for the day when their technology is not working.
Organizations must prepare themselves for unprecedented levels of collaboration to counter threats.
Innovations such as machine learning, big data and predictive analytics are already being explored by leading organizations to transform threat intelligence capabilities.
(In a digital age, the internet is viewed by businesses and individuals alike as a basic utility. Businesses are dependent upon it and this, in itself, is a threat that cyber criminals can take advantage of. We saw in May 2017 how the NHS attack on its critical infrastructure led to a shutdown of the NHS Windows systems, causing medical professionals to have to resort to pens and paper when noting patient data. Moreover, a few years ago Russian hackers cut the internet off in Estonia in a national attack on their critical infrastructure, resulting in business grinding to a halt. The internet is a part of every businesses infrastructure, so what is the impact if this is compromised and what should a business response plan look like? Courtesy of Information Security Forum and YouTube)
The ISF Approach for Managing a Threat Intelligence Capability explains the concepts of effective threat intelligence and how they can be achieved using the intelligence cycle.
Requirements-driven and skillfully produced through analysis, threat intelligence harnesses the expertise and experience of others to provide insight into past, present and predicted attacks against an organization.
This insight bolsters security decision making and enables organizations to act.
Threat Intelligence: React and Prepare is aimed at senior business executives, up to and including board level, who are considering, planning, building or operating a threat intelligence capability.