The vital importance of a successful threat intelligence programme

Abstract

Many organisations are currently wide open to cyber attacks. Effective intelligence is the only direct tool organisations have to significantly reduce cyber risk, as it involves taking the fight direct to the cybercriminals. This paper first describes the three layers of threat intelligence: data collection, analysis of collected intelligence, and, most crucially negating the impact of incoming threats. The paper describes how any threat intelligence that does not result in immediate remedial action is irrelevant to an organisation’s needs. The paper describes how a combination of human and machine forms effective intelligence gathering. Few organisations have the resources needed to build a truly successful threat intelligence platform. The paper outlines a few basic criteria that organisations must look for a cyber security provider. The paper concludes that taking the fight directly to the cybercriminals, and being able to predict incoming attacks with maximum accuracy, is a crucial first line of defence against cyber attacks, and that it is vital that the new threat intelligence platform enables truly impactful intelligence in order to control and reduce the organisation’s overall business risk — the aim of any cyber security strategy. The paper concludes it is essential that new threat intelligence platforms are designed to deliver accurate and actionable information that is relevant to the organisation concerned.