Page 4 - CDM-Global-Threat-Intelligence-Vendor-Landscape-2018
P. 4

Threat Intelligence






       Landscape











                he integration of Threat Intelligence techniques   not the answer, nor is vigilantism, since these “self-help”
                into a broader cybersecurity strategy is a natural   remedies only serve to undermine the values of civiliza-
                development in the escalating battle between   tion.
        Tcyber criminals and the defending team.  In
        today’s environment, it does seem strange that there still   Many effective methods have been developed to mini-
        appears to be resistance to the cost or even the ethics of   mize the adverse effects of cyber exploits, such as redun-
        applying intelligence methods to counter threats to the   dant systems, enhanced security protocols, and remedia-
        information systems on which so much depends.          tion plans.

        There was a time when conducting intelligence activi-  However, there is no defense more important or effective
        ties, or “spying,” was considered unacceptable.  The ad-  than stopping an attack before it can occur.  That is what
        monition “Gentlemen do not read each other’s mail,” was   Threat Intelligence is all about.  And the magnitude of
        the rule of the civilized world.  But we no longer have   the intelligence effort must equal or exceed the threat in
        the luxury of ignoring available information on the cyber   order to protect against harm.
        threats to our critical infrastructure, business operations,
        and even humanitarian aid.                             How big is the threat?  Of course, it is difficult to quantify;
                                                               but three things seem clear:
        It’s clear that violence against the cyber perpetrators is








                                                       Cyber threats are of a major magnitude and growing.





               How big is                              The means of measuring cyber threats are often only apparent
                                                       in retrospect, or by measuring proxy developments that reflect
              the threat?                              the underlying threat itself.



                                                       There are situations in which the identification of a threat
                                                       cannot be communicated to the public, since it could have

                                                       the two undesirable effects of causing panic and alerting
                                                       the cyber criminals that they have been discovered.


       4    2018 - GLOBAL THREAT INTELLIGENCE
   1   2   3   4   5   6   7   8   9