Friday, April 10, 2020

Operationalizing Threat Intelligence for the Small Business -- Planning


In this post, I highlighted the different phases of Threat Intelligence. It all sounds well and good on paper and for companies that have dedicated cyber security resources. But it can be daunting for an organization with limited resources to execute all of the phases defined in the Threat Intelligence process. Attackers are counting on this mindset. This is why small to medium businesses are frequent targets of malicious actors looking to profit from your vulnerabilities. They know that their attack attempts will probably go unnoticed because the IT professional running the network also has 5 other responsibilities that take priority... up until the moment of the breach. The attackers also know that you probably don't have a number of sophisticated tools to automatically detect and respond to breach attempts.

But here's the thing. You don't need to have sophisticated tools. A lot of what you need already exists within your network. Anything that is missing is readily available via free or open source tools. The goal of this entry is to walk you through each phase of the Threat Intelligence Lifecycle and discuss processes and tools that an organization of any budget can implement to enhance its visibility into the tools, tactics, and procedures utilized by those looking to infiltrate its network.

Planning and Direction

This phase is completely free! But it is also the most important step, so maybe not completely free: you do need to define the goals of your threat intelligence program and the metrics you can put in place to determine its effectiveness. Should your threat intelligence aid your vulnerability management? Are you looking to improve your incident response capabilities? Maybe you are just looking to justify your security spending. Threat intelligence can support the business in a number of ways by providing real data that gives direction to your efforts.

While it may sound cheesy, I am a fan of mission statements. A mission statement is a brief synopsis that encompasses all of your goals while driving the future endeavors of your program. It provides a guiding light whenever you may be stuck deciding what you should do next. It is the principle to look towards when trying to find ways to optimize the program. It is a reflection of your security program and organization as a whole. The mission statement is persistent in the face of changes to the organizational and threat landscape.


A goal is just a dream if you can't measure it


I think someone smart said something like this once. After you have established your mission and set your goals, you need to be able to measure your progress towards obtaining that goal. So what does a good metric look like? In the example of attempting to aid your vulnerability management, perhaps you have recently conducted a vulnerability assessment on your environment. The vulnerability assessment spits out a 300-page document that states that 150 of the vulnerabilities are high. The problem with vulnerability scans is that they don't provide any context. You may have 100 of the 150 that have mitigating controls. The other 50 may or may not have any active exploits being used in the wild. Threat Intelligence will give you the additional insight to understand that out of those remaining 50, 15 of them are actively being exploited. Now you can prioritize your efforts and track your progress in remediating vulnerabilities specific to your environment. You have now laid the groundwork for a vulnerability intelligence program.
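The triage described above, as an added example (not code from the original post): it sets aside findings with mitigating controls, cross-references the rest against a set of actively exploited CVEs, and reports remediation progress per queue. The `Finding` fields, queue names, and sample data are constructed assumptions, and the CVE identifiers are placeholders.

```python
from dataclasses import dataclass


@dataclass
class Finding:
    cve: str                  # identifier reported by the scanner
    host: str
    severity: str             # scanner rating, e.g. "high"
    mitigated: bool = False   # a compensating control is already in place
    remediated: bool = False  # patched or otherwise fixed


def triage(findings, exploited_cves):
    """Split high-severity findings into work queues using exploit intelligence."""
    queues = {"priority": [], "scheduled": [], "mitigated": []}
    for f in findings:
        if f.severity != "high":
            continue                        # out of scope for this metric
        if f.mitigated:
            queues["mitigated"].append(f)   # covered by an existing control
        elif f.cve in exploited_cves:
            queues["priority"].append(f)    # exploited in the wild: fix first
        else:
            queues["scheduled"].append(f)   # no known active exploitation
    return queues


def remediation_progress(queue):
    """Fraction of a queue already remediated: the number to track over time."""
    if not queue:
        return 1.0
    return sum(f.remediated for f in queue) / len(queue)


# Constructed sample data; CVE identifiers are placeholders, not real entries.
FINDINGS = [
    Finding("CVE-EXAMPLE-0001", "web01", "high"),
    Finding("CVE-EXAMPLE-0001", "web02", "high", remediated=True),
    Finding("CVE-EXAMPLE-0002", "db01", "high", mitigated=True),
    Finding("CVE-EXAMPLE-0003", "file01", "high"),
    Finding("CVE-EXAMPLE-0004", "hr-pc7", "medium"),
]
EXPLOITED = {"CVE-EXAMPLE-0001", "CVE-EXAMPLE-0002"}  # from your intel source

if __name__ == "__main__":
    for name, items in triage(FINDINGS, EXPLOITED).items():
        pct = remediation_progress(items)
        print(f"{name:9} {len(items)} finding(s), {pct:.0%} remediated")
```

Re-running this after each patch cycle, with a refreshed exploited set, gives a trend line for the priority queue rather than a one-time count.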

In the next post I will focus on the collection phase, which I believe, next to planning, to be the most important phase of the process. I'll talk about viable sources of data that already exist within your environment and make suggestions for how to optimize what you collect and iteratively scale up your capabilities by making smart choices.

