Information on the cyber threats permeating our digital environments is widely available. From headline news to expensive security feeds and alerts systems, the options for accessing information are far-ranging. However, information is not intelligence, and when it comes to cyber threat intelligence specifically, being able to bridge the gap between a piece of information and what it means to you is key to an effective cyber security strategy.
LISTEN TO THE FULL EPISODE
According to S-RM’s Director of Cyber Incident Response in London, Tyler Oliver, a good place to start for any organisation looking to build up a cyber threat intelligence capability for the first time is within intelligence community platforms. ‘One of the practices I've seen work really well is organisations that are able to communicate with neighbouring businesses and industry,’ he notes, ‘that's essentially the idea of going out and asking your neighbours: What are you seeing? What is relevant to us as a business? ’
But doing so is not always straightforward, especially as information-sharing is still nascent in many industries. Additionally, once you have the information on hand, an organisation needs to know what to do with it. According to Mona Damian, senior analyst and threat intelligence specialist in S-RM’s cyber team based in New York, collecting information is just the first step in the process. She says: ‘Collecting that data is one thing, but having a human analyst contextualise it and make it as actionable as possible - that is what makes that data “intelligent”, so to speak.’
From there, Tyler, Mona and their teams will derive the relevant insights that enable their clients to secure themselves against the next threat and that's coming their way.
GET CYBER INTELLIGENCE STRAIGHT TO YOUR INBOX
Tyler and Mona will be releasing an upcoming weekly cyber threat intelligence briefing. The briefing is a succinct review of the preceding week’s top cyber threat trends and developments, accompanied by key takeaways for security and leadership teams.