Page 9 - Cyber Defense eMagazine - January 2018
P. 9
RAISING YOUR THREAT IQ: THE IMPORTANCE OF
DEMOCRATIZING THREAT INTELLIGENCE
By Travis Farral, director of security strategy at Anomali
Threat intelligence continues to become a more ubiquitous feature of information
security programs as its value in detecting and preventing attacks becomes more clear.
Whether organizations have a full threat intelligence team, ingest threat feeds, or simply
leverage threat intelligence features found in common security tools, they are benefiting
from threat intelligence in one way or another.
Part of the core value proposition of threat intelligence is its collectiveness––the more
it’s shared, the more valuable it becomes. When an attacker targets one business that
is leveraging comprehensive threat intelligence, it is battling the combined knowledge of
multiple organizations, giving it an advantage.
However, many organizations using intelligence still hesitate to share their own
intelligence more broadly. A recent study from the Ponemon Institute found that only 50
percent of organizations currently participate in industry-centric sharing initiatives such
as Information Sharing & Analysis Centers (ISACs), which provide industry-relevant
intelligence, a place to collaborate with peers and network with other security teams. Of
those organizations, the majority (60 percent) only receive threat intelligence through
ISACs but do not contribute intelligence.
Many organizations cite a variety of concerns and hesitations that prevent them from
actively sharing their own intelligence more broadly, but a lot of these fears are myths
that can be easily dispelled. For instance, some organizations cite privacy and liability
concerns as a key reason for not contributing to threat sharing initiatives. However, it is
possible to keep sensitive information private while still contributing to threat sharing
initiatives.
9 Cyber Defense eMagazine – January 2018 Edition
Copyright © 2018, Cyber Defense Magazine, All rights reserved worldwide.