Story image

Know your enemy - cyber threat intel crucial

27 Jul 2015

Managing cyber security on the internet poses a significant challenge for organisations, because the internet was never designed to be secure. 

That's accroding to BAE Systems Applied Intelligence, who says new frameworks are needed to address cyber space’s unique characteristics and environments. 

The security firm says cyber threat intelligence has emerged as a vital approach to designing an effective security regime. 

Dr Malcolm Shore, technical director, BAE Systems Applied Intelligence, says IT can no longer be protected by implementing a standard set of security controls. 

“It is sobering to realise that the most prevalent security controls standard was originally developed in the early 1990s - 25 years ago and prior to the internet as we know it," Shore says. "Given the changes that have occurred since then, it’s no surprise that these controls are no longer adequate.”  

“There needs to be much more emphasis on the new approaches such as the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework if we’re to keep pace with our adversaries,“ says Shore. 

He says because cyber space  is increasingly looking like a battlefield, cyber threat intelligence is vital to designing an effective security regime. "This means knowing who is attacking you, what their motives are, and how they execute their attacks," Shore explains.   

The value of cyber threat intelligence lies in its ability to change an organisation’s posture from being reactive, responding to attacks when it’s breached, to being proactive, where cyber security defences are tuned to expect and deflect attacks.   

Shore explains that cyber threat intelligence comes in two forms; operational and strategic. "Operational intelligence consists of data that can be used to configure cyber defence equipment such as intrusion detection devices," he says. "Strategic intelligence is defined as knowing and understanding the potential threats and how they may affect the organisation. 

"Both are essential for delivering effective protection," adds Shore.

Organisations can start to understand their adversaries by mapping the adversaries’ past activities and capabilities, historical and current affiliations, their readiness and objectives, and future ambitions. "This lets companies set informed priorities for cyber defence investments, and respond faster and more effectively in the event of an incident," Shore explains.  

“Cyber attacks are rarely carried out without clear motivation or as a single action, so one of the key goals of threat intelligence is to anticipate them,” he says. 

“To successfully defend against contemporary attacks requires a focus on new areas of cyber security including threat intelligence.” 

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.