4 May 2023
Transforming targeted threat intelligence into a powerful business tool that mitigates risk.
CREST is delighted to introduce CyberProof, a UST company, as their Silver Sponsor at CRESTCon Europe 2023.
In today’s chaotic cyber threat landscape, organizations face the challenge of implementing effective threat intelligence that best fits the needs of their business. Although threat intelligence is a near-universal component of cybersecurity defense, implementing it in a targeted way to proactively preempt attacks, is less common.
One key challenge to gathering highly effective threat intelligence is optimizing human expertise to interpret threat data. While automation can help alert organizations to indicators of compromise (IOCs), cyber threat intelligence (CTI) experts understand the context behind threats and can identify and prioritize which threats pose the greatest business risk. Working proactively through a combination of dark web monitoring, open-source intelligence (OSINT), machine-readable threat intelligence (MRTI), and human intelligence (HUMINT), CTI experts can more holistically prioritize the threats that are targeting the organization.
Implementing threat intelligence just for the sake of keeping up with security trends can result in misdirected budgets and resources. In contrast, clearly defining goals and aligning them to your organization’s business needs will make targeted threat intelligence more effective. To best leverage gathered data, organizations need to define requirements and key performance indicators (KPIs) up front, ensuring that the data is aligned to demonstrate value to key business stakeholders. Threat intelligence KPIs can include the percentage of identified threats directly attributed to intelligence, instances of project re-prioritization due to threat intelligence, response times for threats before and after implementing intelligence, and more.
Collecting information from the right sources is also critical for targeted threat intelligence. While automated processes and AI can provide a wealth of information, organizations need to ensure they are collecting data only from high-quality, relevant sources. Sources must be reliable, as working with trustworthy insights allows organizations to build response plans more accurately and effectively.
For organizations that rely on third-party providers for threat intelligence services, developing a proactive strategy is key. Blindly partnering with a provider without understanding their data collection strategy can result in ineffective threat intelligence. Instead, ensuring that the service provider’s goals and strategies are aligned with your organization’s needs is key to building a targeted threat intelligence program.
Bottom line: In building a robust, targeted threat intelligence service, organizations need to define requirements and KPIs for measurement, ensure data collection comes from trustworthy sources and maximizes coverage, and invest in the right people skills to establish trust in the threat intelligence program. By addressing these challenges, organizations can harness the power of targeted threat intelligence to proactively protect their assets from cyber threats.
There’s still time to be a part of this year’s CRESTCon Europe by booking your tickets online.