Client Login

What Challenges Do Organizations Face with Cyber Threat Intelligence?

CYBER THREAT INTELLIGENCE

February 28, 2017 

Chief information security officers (CISOs) and those with a risk portfolio in their organization understand the need for a Cyber Threat Intelligence (CTI) strategy. In practice however, real-world challenges exist with implementing such a strategy.

Below are some key questions and consideration for risk and information security professionals to consider when analyzing CTI products and offerings:

  • How do we identify the right CTI vendor for our company?  The answer begins by first identifying your unique threat landscape.  Working out your key threat actors and threat vectors beforehand will point you towards the type of CTI feeds you need. Before purchasing, challenge vendors on the breadth, depth and industry relevance of their intelligence feeds.
  • How do we make sense of CTI without drowning in a sea of data? With the volume of information available from threat intelligence sources, including open source intelligence (OSINT), vendors, public and private sharing platforms, dark web and cyber criminal gangs, employing the use of big data analytics and visualization techniques is expedient.
  • Do we have the right skills in-house to analyze the data? Organizations often make the mistake of thinking that CTI is only needed at the technical level. In reality, the right mix of CTI skills encompass risk and intelligence analysts from corporate security, information security experts, and business unit owners that can help identify strategic level business drivers.

Below is a summary of some best practices that corporate security, risk, and information security leaders can use when making CTI buying decisions.

Key Organizational Considerations:

  • Have a documented risk-based CTI strategy—Understand your cyber threat landscape and determine what CTI feeds you need on that basis. Additionally, document how CTI will be obtained, how frequently it will be collected, who will consume it and what they are expected to do with it.
  • Establish communication channels between CTI and business intelligence functions—Do not lose sight of the operating environment when collecting and analyzing threat intelligence. External business factors could provide additional insight into cyber threats and could help shape your CTI strategy.
  • Have a management-backed process for sharing your intelligence with colleagues and industry—When it comes to CTI, no company is an island. A threat to one energy supplier is a threat to the entire energy industry.
  • You cannot buy institutional knowledge—The best CTI resources are often those who already understand how your business works and who can bring that knowledge to bear on the analysis of CTI. Consider training internal resources before hiring externally.

PlanetRisk’s CRX product provides customers with a holistic view of their cyber risks from outside their company walls. With strategic level reporting, and tactical drilldown to discover threats and vulnerabilities across the cyber landscape and your virtual supply chain, CRX provides you with a comprehensive SaaS solution and the cyber analyst reach-back support to help mitigate risk.

Want more information on how CRX can support your organization? Email us: sales@planetrisk.com