Page 50 - Cyber Defense eMagazine September 2018
2. Phishing Prevention
Gone are the days when all phishing threats could be spotted with the naked eye. Today’s social engineering
attacks such as spearphishing and website forgery are highly sophisticated and convincing. TI can support
security professionals and other employees with the detection of advanced scams by collecting data from
reliable public sources — like whois data — and identifying signs of fraud that include:
- Newly registered domain names similar to those of well-known brands and companies
- Contact details that differ across touchpoints and are inconsistent with verifiable records
- Strange domain activity, e.g., domain owners and hosting providers changed multiple times within a short period
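The following Python example is an added illustration, not part of the original article. It checks the first and third signs above (newly registered lookalike names, and repeated owner or hosting changes in a short period) against constructed registration records. The record fields, the brand name `examplebank`, and all thresholds are assumptions made for the example.

```python
from datetime import date

# Constructed records (not real WHOIS output); "changes" = owner/host change dates.
RECORDS = [
    {"domain": "examp1e-bank.com", "created": date(2018, 8, 28),
     "changes": [date(2018, 8, 29), date(2018, 9, 2), date(2018, 9, 5)]},
    {"domain": "examplebank.co", "created": date(2012, 3, 1), "changes": []},
    {"domain": "gardening-tips.org", "created": date(2018, 9, 1), "changes": []},
]
BRANDS = ["examplebank"]        # hypothetical protected brand label
OWNED = {"examplebank.com"}     # domains the brand itself operates


def edit_distance(a, b):
    """Levenshtein distance using a two-row dynamic program."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def fraud_signs(rec, today, new_days=30, max_dist=2, churn=3, churn_days=14):
    """Return the list of warning signs present in one record."""
    signs = []
    # Name without TLD (single-label TLD assumed) and hyphens, vs. each brand.
    name = rec["domain"].lower().rsplit(".", 1)[0].replace("-", "")
    lookalike = rec["domain"] not in OWNED and any(
        edit_distance(name, b) <= max_dist for b in BRANDS)
    if lookalike and (today - rec["created"]).days <= new_days:
        signs.append("new_lookalike")
    # Churn: `churn` or more ownership/hosting changes inside `churn_days`.
    ch = sorted(rec["changes"])
    if any((ch[i + churn - 1] - ch[i]).days <= churn_days
           for i in range(len(ch) - churn + 1)):
        signs.append("ownership_churn")
    return signs


def triage(records, today):
    """Map each domain that shows at least one sign to its signs."""
    found = {r["domain"]: fraud_signs(r, today) for r in records}
    return {d: s for d, s in found.items() if s}


if __name__ == "__main__":
    print(triage(RECORDS, date(2018, 9, 10)))
```

Only the combination of similarity and recent registration is flagged: the long-registered `examplebank.co` and the new but unrelated `gardening-tips.org` both pass, which keeps the alert volume manageable for analysts.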
3. Vulnerability Investigation
The likelihood of successful cyber attacks remains high no matter how much organizations invest in
protecting their infrastructure and data. Understanding the cause of a breach, however, can be challenging,
especially when working with multiple internal systems and third-party applications.
In that context, TI can be used as an investigative instrument, checking for the most salient vulnerabilities,
and providing an overview of potential weak links — e.g., misconfigurations, poor encryption, and malicious
files that may have caused the loss of sensitive data.
4. Cyber Defense Optimization
Even when no data breach has occurred, various organizational changes (e.g., mergers, acquisitions,
spin-offs, joint ventures and partnerships, outsourcing of business processes, and software and hardware
upgrades) require security professionals to reconsider whether their company’s cyber defenses are still
optimized.
IT operations may evolve drastically in such instances, potentially leading to new gaps exploitable by
hackers and scammers. TI can help to spot emerging weaknesses resulting from business decisions and
establish a cybersecurity roadmap to tackle these by investing in new tools and software or reconfiguring
and harmonizing systems.
5. Security Awareness
Not all cyber attacks can be prevented through technology, however. It’s not rare for threats to go undetected
by antivirus, firewalls, and other applications — meaning that regular employees often end up as the last
line of defense against hackers and scammers.
For that reason, it’s essential to keep staff informed about the dangers that may come their way. TI insights
can assist with the coordination of security awareness initiatives bearing in mind existing IT vulnerabilities
and, therefore, where cybercriminals are the most likely to strike.
More and more organizations are allocating resources to the practice of threat intelligence, practically relying
on it to detect and tackle malware and phishing, investigate their infrastructure’s weak spots, and empower
targeted security awareness.