Threat Intelligence Puts Spotlight on Cyber Exploits

November 23rd, 2016

There is a cyber arms race going on and the bad guys appear to have the lead. Cyber criminals recently hacked the U.S. Democratic National Committee, exploiting flaws in both Windows and Adobe Flash. Hackers took down Twitter, Spotify and Reddit in the recent massive distributed denial-of-service (DDOS) attack.

To be sure, not all attacks are that massive. But the pace is fast and furious. Over the last 12 months, the average organization faced more than 100 breach attempts, of which roughly a third succeeded, according to professional services firm Accenture. So you could be facing as many as two-to-three successful attacks a month.

Fortunately, threat intelligence can provide an added layer of defense, helping your organization determine serious attacks, the context in which they’re occuring and the most effective response.

Threat intelligence starts when you combine your own internal security information with that from external sources. Then you piece together this data to identify vulnerabilities that are being actively exploited. And finally, you use this information to trigger protective actions, such as patching management processes, identify attackers who may be focused on your organization and monitoring the latest attack methods.

Dedicated Intelligence

Many organizations already use threat intelligence. Some 70 percent of security officers recently surveyed by the SANS Institute report using it to some extent. And nearly two thirds also have a dedicated person, team or service provider monitoring threat intelligence.

Threat-intelligence users draw their cyber information from a variety of sources, SANS Institute found, including:
  • 76% from the security community at large
  • 59% from internal systems
  • 54% from public feeds
  • 53% from open source feeds

Another survey conducted earlier this year by the Ponemon Institute found that security professionals at more than three-quarters of North American and U.K companies said threat intelligence is essential to their maintaining a strong security posture.

Don’t Go It Alone

If threat intelligence is so great, why don’t more companies use it? Mainly, due to a lack of resources. In the SANS Institute survey, more than a third of security officials said what’s holding them back on threat intelligence is both a lack of staff and budget.

And in the Ponemon survey, nearly 70 percent of respondents lacked the expertise to make use of it. Almost as many said integrating threat intelligence with their other security systems is difficult and time-consuming.

Masergy’s Threat Intelligence Dashboard gives customers immediate, single-source access to threat data. The dashboard also includes an easy-to-use, instant view of prioritized security threats and the underlying data that created them. So organizations can get ahead of the threat curve with actionable information.

Masergy’s Threat Intelligence Dashboard requires no agents, tuning or complex correlation rules. That frees up security and IT staff to focus on the more important tasks. In today’s cyber arms race, that could make all the difference.

Learn how a Managed Security Service Provider can help your company fill its organizational gaps with this e-book: Time to Recharge Your Cyber Security Strategy.

David Venable

David Venable, Vice President of Cyber Security at Masergy Communications, has over 15 years experience in information security, with expertise in cryptography, network and application security, vulnerability assessments, penetration testing, and compliance. David is a former intelligence collector with the National Security Agency, with extensive experience in Computer Network Exploitation, Information Operations, and Digital Network Intelligence. He also served as adjunct faculty at the National Cryptologic School.