One Article Review

Home - The article:
Source Anomali
Identifier 4219564
Publication date 2022-03-03 05:00:00 (seen: 2022-03-03 05:05:49)
Title Why are Organizations Suffering from a Lack of Threat Intelligence Information?
Text Welcome to this week's blog, where I'll dive deeper into the Top 10 Cybersecurity Challenges enterprise organizations face, as found in our recently released Cybersecurity Insights Report 2022: The State of Cyber Resilience. Coming in at number nine on our “Top 10 List of the Challenges Cybersecurity Professionals Face” is the Lack of threat intelligence information. I gotta admit, when I first saw this on the list, I was scratching my head, as I'm sure any cybersecurity professional might be. But as I sat back and thought about it, it made more sense.

There's no shortage of threat intelligence data out there, whether it's from open source or third-party feeds. In fact, I assumed most organizations were suffering from information overload as they're inundated with data. What they may lack is RELEVANT intelligence information specific to them. What do I mean?

Well, we're all suffering from information overload. When I go to ESPN, I don't want to see all of the scores, I want to see the scores I care about. I want immediate access to my teams so I can be angry about them. (NY Giants and New Jersey Devils, I'm looking at you.) ESPN enables me to pick and choose my favorites so that I can make my experience relevant to me. Which is similar to what organizations need to do. When security teams log into their dashboard, they don't want to be hit with all the threats. They want to see the potential threats most relevant to them so they can take quick action. And they want threat intelligence to be operational so that it can be made actionable to inform security teams.

So, what needs to be done? First, let's define Threat Intelligence. Threat Intelligence (TI) is the collection of raw data about threats and vulnerabilities that is then transformed into actionable intelligence. Effective threat intelligence programs help organizations detect and respond to cyberattacks before they cause harm. Organizations that fail to invest in TI as part of their security programs risk being blindsided by new threats or vulnerable to existing ones.

Intelligence vs Information vs Data

One of the reasons organizations might be struggling is that there might be some confusion between data, information, and intelligence, especially if they're managing threat intelligence manually. Let's start by trying to outline the differences. The main differences between data, information, and intelligence come in two forms: volume and usability.

Data is a collection of individual facts, statistics, or items of information, usually available in large quantities; it describes specific and indisputable facts. There is a subtle difference between data and information. Data are the facts or details from which information is derived. Individual pieces of data are rarely useful alone. For data to become information, data needs to be put into context.

Information is created when a series of data is combined to answer a simple, straightforward question. Let's use hockey goalies as an example. An individual goalie’s save percentage is one piece of data. Let’s say you’ve used six goalies this year, each with varied save percentages. The average save percentage for the entire team can be derived from the given data. Note that although this output is more useful than the raw data, the GM still might not know exactly what to do with it. Intelligence takes this process one step further by interrogating data to t
Sent Yes
Tags Malware Threat


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.