www.welivesecurity.com
2a02:26f0:780::210:ca08  Public Scan

URL: https://www.welivesecurity.com/en/business-security/cyber-threat-intelligence-getting-front-foot-adversaries/
Submission: On November 13 via api from TR — Scanned from DE

Form analysis 3 forms found in the DOM

GET https://www.welivesecurity.com/en/search

<form data-v-ed6a42ae="" id="searchform" method="get" action="https://www.welivesecurity.com/en/search" autocomplete="off" role="search">
  <div data-v-ed6a42ae="" class="search-area"><input data-v-ed6a42ae="" name="term" class="searchbar-input form-control" type="text"
      placeholder="Search WeLiveSecurity"><a data-v-ed6a42ae="" class="search-icon-trigger"><span data-v-ed6a42ae="" class="search-icon"></span></a><!----><!----></div><!---->
</form>

GET https://www.welivesecurity.com/en/search

<form data-v-ed6a42ae="" id="searchform" method="get" action="https://www.welivesecurity.com/en/search" autocomplete="off" role="search">
  <div data-v-ed6a42ae="" class="search-area"><input data-v-ed6a42ae="" name="term" class="searchbar-input form-control" type="text"
      placeholder="Search WeLiveSecurity"><a data-v-ed6a42ae="" class="search-icon-trigger"><span data-v-ed6a42ae="" class="search-icon"></span></a><!----><!----></div><!---->
</form>

POST https://enjoy.eset.com/pub/rf

<form action="https://enjoy.eset.com/pub/rf" class="basic-searchform col-md-12 col-sm-12 col-xs-12 no-padding newsletter px-0" target="_blank" method="post" role="search">
  <div class="search-input clearfix">
    <input type="text" name="EMAIL_ADDRESS_" value="" placeholder="Your Email Address" required="">
    <input type="checkbox" id="TOPIC" name="TOPIC" value="We Live Security Ukraine Newsletter">
    <label for="TOPIC">Ukraine Crisis newsletter</label>
    <input type="checkbox" id="NEWSLETTER" name="NEWSLETTER" value="We Live Security">
    <label for="NEWSLETTER">Regular weekly newsletter</label>
    <input type="hidden" name="_ri_" value="X0Gzc2X%3DAQpglLjHJlTQGgXv4jDGEK4KW2uhw0qgUzfwuivmOJOPCgzgo9vsI3VwjpnpgHlpgneHmgJoXX0Gzc2X%3DAQpglLjHJlTQGzbD6yU2pAgzaJM16bkTA7tOwuivmOJOPCgzgo9vsI3">
    <input type="hidden" name="_ei_" value="Ep2VKa8UKNIAPP_2GAEW0bY">
    <input type="hidden" name="_di_" value="m0a5n0j02duo9clmm4btuu5av8rdtvqfqd03v1hallrvcob47ad0">
    <input type="hidden" name="EMAIL_PERMISSION_STATUS_" value="0">
    <input type="hidden" name="CONTACT_SOURCE_MOST_RECENT" value="WLS_Subscribe_Form">
    <button type="submit" class="redirect-button primary">Subscribe</button>
  </div>
</form>

Text Content

Award-winning news, views, and insight from the ESET security community

Business Security


CYBER THREAT INTELLIGENCE: GETTING ON THE FRONT FOOT AGAINST ADVERSARIES

By collecting, analyzing and contextualizing information about possible
cyberthreats, including the most advanced ones, threat intelligence offers a
critical method to identify, assess and mitigate cyber risk

Phil Muncaster

10 Nov 2023 • 4 min. read



When it comes to mitigating an organization’s cyber risk, knowledge and
expertise are power. That alone should make cyber threat intelligence (TI) a key
priority for any organization. Unfortunately, this often isn’t the case. Among
the various protective measures that IT leaders must consider to help them
counter increasingly sophisticated attacks, threat intelligence is often
overlooked. This oversight could be a critical mistake, however.

By collecting, analyzing and contextualizing information about possible
cyberthreats, including the most advanced ones, threat intelligence offers a
critical method to identify, assess and mitigate cyber risk. When done right, it
can also help your organization to prioritize where to focus its limited
resources for maximum effect and so reduce its exposure to threats, minimize
damage from potential attacks, and build resilience against future threats.


WHAT ARE THE MAIN TYPES OF TI?

The challenge for your organization is picking through what is a crowded market
of TI vendors to find the right offering. This is, after all, a market predicted
to be worth in excess of $44 billion by 2033. There are broadly four types of
TI:

 * Strategic: Delivered to senior leadership via white papers and reports, this
   offers contextual analysis of broad trends to inform the reader.
 * Tactical: Aligned with the needs of more hands-on security operations
   (SecOps) team members, this outlines actor tactics, techniques, and
   procedures (TTPs) to provide visibility into the attack surface and how
   malicious actors can compromise the environment.
 * Technical: Helps SecOps analysts monitor for new threats or investigate
   existing ones using indicators of compromise (IOCs).
 * Operational: Also uses IOCs, but this time to track adversary movements and
   understand the techniques being used during an attack.

While strategic and tactical TI focus on longer-term goals, the latter two
categories are concerned with uncovering the “what?” of attacks in the short
term.


WHAT TO LOOK FOR IN A THREAT INTEL SOLUTION

There are various ways that organizations can consume threat intelligence,
including industry feeds, open source intelligence (OSINT), peer-to-peer sharing
within verticals, and feeds direct from vendors. A number of vendors offer their
expertise in this area. In fact, Forrester recorded a 49% increase in paid
commercial threat intelligence feeds from 2021 to 2022.

However, you’re best advised to focus on the following when assessing whether a
vendor is the right fit for your organization:

 * Completeness: They should offer a comprehensive range of TI covering a wide
   range of threat actors, threat vectors, and data sources – including internal
   telemetry, OSINT and external feeds. IOC feeds should be thought of as part
   of a holistic TI service rather than a standalone offering.
 * Accuracy: Inaccurate intelligence can overwhelm analysts with noise. Vendors
   must deliver precision.
 * Relevance: Feeds should be tailored to your specific environment, industry
   and company size, as well as what is most relevant (tactical/strategic) to
   your organization over the short and longer terms. Also consider who is going
   to use the service. TI is expanding to new personas all the time, even
   marketing, compliance and legal teams.
 * Timeliness: Threats move quickly, so any feed must be updated in real time to
   be useful.
 * Scalability: Any vendor should be able to meet the TI needs of your
   organization as it grows.
 * Reputation: It always pays to go with a vendor that can boast a track record
   of TI success. Increasingly, this may be a vendor not traditionally
   associated with TI, but rather SOAR, XDR or similar adjacent areas.
 * Integration: Consider solutions which fit neatly into your existing security
   infrastructure, including SIEM and SOAR platforms.


NAVIGATING THE TI MARKET

The TI market is constantly evolving, with new categories emerging to help
evaluate new threats. That can make choosing the right option(s) a challenge.
It pays to think longer term about your requirements to avoid constant
reassessment of strategy, although this must be balanced by the need for
relevance and agility.

It’s also worth bearing in mind that the maturity of your organization will play
a big part in how many and what type of TI services to adopt. Those with
dedicated teams and resource may consume as many as 15 sources of TI across
commercial, OSINT, and free offerings.

Today’s threat actors are well resourced, dynamic, determined and can leverage
the element of surprise. TI is one of the best ways organizations can level the
playing field and gain the upper hand, including by understanding their
adversary, assessing the threat landscape and making better informed decisions.
That’s the way not only to stop attacks in their tracks before they can make an
impact on the organization, but also to build resilience for the future.

Each organization will need to choose the blend of TI right for them. But when
looking at vendors, ensure the data is at least complete, accurate, relevant and
timely. Curated feeds will go a long way to saving time and resource for your
own team. The key is to find a vendor whose feeds you trust. According to IDC,
80% of G2000 companies will increase investment in threat intelligence by 2024.
Make sure you’re set up to succeed.
