The best form of defense against cyber attacks and those who perpetrate them is to know about them. Collaborative defense has become critical to IT security, and sharing threat intelligence is a force multiplier. But for many organizations, good quality intelligence is hard to come by.
Commercial threat intelligence technology and services can help enterprises arm themselves with the strategic, tactical and operational insights they need to identify and respond to global threat activity, and integrate intelligence into their security programs.
Threat intelligence sources have varying levels of relevance and context, and there are concerns about data quality and redundancy, shelf life, public/private data sharing, and threat intelligence standards. However, if processed and applied properly, threat intelligence provides a way for organizations to get the insight they need into attackers’ plans, prioritize and respond to threats, shorten the time between attack and detection, and focus staff efforts and decision-making.
View to learn:
--The difference between threat information and threat intelligence.
--Available sources of intelligence and how to determine if they apply to your business.
--Key steps for preparing to ingest threat information and turn it into intelligence.
--How to derive useful data that helps you achieve your business goals.
--Tools that are available to make collaboration easier.
2. Forsythe is a leading enterprise IT company,
providing advisory services, security, hosting
and technology solutions for Fortune 1000
organizations. Forsythe helps clients
optimize, modernize and innovate their IT to
become agile, secure, digital businesses.
www.forsythe.com
About Forsythe
3.
4. In 207 BC, when
information traveled no faster
than a horse could ride…
5. …it was intelligence that led Rome to its critical
victory over Carthage during the Punic Wars.
23. 60% of large enterprises globally will utilize
commercial threat intelligence services
to help inform their security strategies.*
*Gartner, Smarter with Gartner, Use Threat Intelligence Services for an Agile Defense, June 10, 2015,
http://www.gartner.com/smarterwithgartner/use-threat-intelligence-services-for-an-agile-defense/
38. What are your most valuable
information assets?
Where are these assets?
When are these assets
being accessed?
Who has access to
these assets and why?
44. Enhancing automated
prevention
Shortening the lifecycle of
detection and remediation
Automating security
operations and
remediation efforts
Centralizing threat
intelligence programs and
standardizing processes
72. Get the insight needed
into attackers’ plans
Prioritize and respond
to threats
73. Get the insight needed
into attackers’ plans
Shorten the time between
attack and detection
Prioritize and respond
to threats
74. Get the insight needed
into attackers’ plans
Focus staff efforts and
decision-making
Shorten the time between
attack and detection
Prioritize and respond
to threats
79. Authors:
David O'Leary
Director, Forsythe Security Solutions
David Hove
Practice Manager, Forsythe Security Solutions
Aaron Smith
Master Consultant, Forsythe Security Solutions
Shariq Hassan
Senior Consultant, Forsythe Security Solutions
Anne Grahn
Senior Communications Specialist,
Forsythe Security Solutions
Forsythe is a leading enterprise IT company,
providing advisory services, security, hosting
and technology solutions for Fortune 1000
organizations. Forsythe helps clients
optimize, modernize and innovate their IT to
become agile, secure, digital businesses.
www.forsythe.com