Most Recent Blogs

Challenges around Operationalizing Threat Intelligence

Posted: September 11, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, threat intelligence, threat intelligence sharing

connected_earthWhen it comes to threat intelligence, there seem to be two primary focus areas in play: The threat intelligence data itself and the legislative rhetoric around threat intelligence sharing (i.e., CISA, CISPA, etc.). What’s missing? The answer to a basic question: How do organizations get actual value out of threat intelligence data and threat intelligence sharing in a meaningful way?

Read More

Facebook’s Threat Intelligence Sharing Potential

Posted: August 24, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, Facebook, threat intelligence sharing

clickEnterprise organizations are actively consuming external threat intelligence, purchasing additional threat intelligence feeds, and sharing internally-derived threat intelligence with small circles of trusted third-parties. Based upon these trends, it certainly seems like the threat intelligence market is well-established but in this case, appearances are far from reality.

Read More

Measuring the Quality of Commercial Threat Intelligence

Posted: July 22, 2015   /   By: Jon Oltsik   /   Tags: malware, cybercrime, threat intelligence sharing

connected_earthIn my most recent blog, I described how a recently published ESG research report on threat intelligence revealed a number of issues around commercial threat intelligence quality. As part of a recent survey of cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees), ESG found that:

Read More

Enterprise Objectives for Threat Intelligence Programs

Posted: July 09, 2015   /   By: Jon Oltsik   /   Tags: risk management, threat intelligence sharing

security-threatsIt wouldn’t be a stretch to call 2015 the year of threat intelligence. In February, President Obama signed an executive order at a cybersecurity event held at Stanford University that encourages and promotes threat intelligence sharing between the private sector and federal government. Meanwhile, the US Congress has introduced several threat sharing bills of their own. And at the annual RSA Security Conference in April, threat intelligence was clearly one of the primary topics of discussion among cybersecurity professionals, technology vendors, and government representatives.

Read More

Enterprise Threat Intelligence Programs Are Immature

Posted: July 01, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, threat intelligence, threat intelligence sharing

cyber_criminalIt seems like everyone is talking about threat intelligence these days: the feds are promoting public/private threat intelligence sharing across the executive and legislative branches, and the industry is buzzing about threat intelligence feeds, sharing platforms, and advanced analytics. 

Read More

Federal Cybersecurity Carrots and Sticks

Posted: May 01, 2015   /   By: Jon Oltsik   /   Tags: federal government, Critical Infrastructure, Critical Infrastructure Protection, threat intelligence sharing

HandsHoldingLockIn my last blog, I highlighted a recent ESG research survey of cybersecurity professionals working at critical infrastructure organizations. As a review:

Read More

Posts by Topic

see all