Challenges around Operationalizing Threat Intelligence

When it comes to threat intelligence, there seem to be two primary focus areas in play: The threat intelligence data itself and the legislative rhetoric around threat intelligence sharing (i.e., CISA, CISPA, etc.). What’s missing? The answer to a basic question: How do organizations get actual value out of threat intelligence data and threat intelligence sharing in a meaningful way?

Topics: Cybersecurity threat intelligence threat intelligence sharing

Facebook’s Threat Intelligence Sharing Potential

Enterprise organizations are actively consuming external threat intelligence, purchasing additional threat intelligence feeds, and sharing internally-derived threat intelligence with small circles of trusted third-parties. Based upon these trends, it certainly seems like the threat intelligence market is well-established but in this case, appearances are far from reality.

Topics: Cybersecurity Facebook threat intelligence sharing

Measuring the Quality of Commercial Threat Intelligence

In my most recent blog, I described how a recently published ESG research report on threat intelligence revealed a number of issues around commercial threat intelligence quality. As part of a recent survey of cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees), ESG found that:

Topics: malware cybercrime threat intelligence sharing

Enterprise Objectives for Threat Intelligence Programs

It wouldn’t be a stretch to call 2015 the year of threat intelligence. In February, President Obama signed an executive order at a cybersecurity event held at Stanford University that encourages and promotes threat intelligence sharing between the private sector and federal government. Meanwhile, the US Congress has introduced several threat sharing bills of their own. And at the annual RSA Security Conference in April, threat intelligence was clearly one of the primary topics of discussion among cybersecurity professionals, technology vendors, and government representatives.

Topics: risk management threat intelligence sharing

Enterprise Threat Intelligence Programs Are Immature

It seems like everyone is talking about threat intelligence these days: the feds are promoting public/private threat intelligence sharing across the executive and legislative branches, and the industry is buzzing about threat intelligence feeds, sharing platforms, and advanced analytics. 

Topics: Cybersecurity threat intelligence threat intelligence sharing

Federal Cybersecurity Carrots and Sticks

In my last blog, I highlighted a recent ESG research survey of cybersecurity professionals working at critical infrastructure organizations. As a review:

Topics: federal government Critical Infrastructure Critical Infrastructure Protection threat intelligence sharing