Recorded Future - Moving Toward a Security Intelligence Program

For the past 10 years, Recorded Future has focused on empowering organizations to take a proactive approach to cybersecurity. We’ve done this by collecting and analyzing threat data from the broadest range of sources and producing threat intelligence to help organizations gain insight into the intentions and techniques of cyber adversaries. This enables them to work smarter and stop threats faster. Since the beginning, our work has been grounded in three fundamental ideas:

1. Threat intelligence must provide the context to enable informed decisions and take action.

Threat intelligence is knowledge that allows you to prevent or mitigate cyberattacks. To be effective, threat intelligence needs to be timely, clear, and action­able. It has to come at the right time, in a form that is understandable. It should enrich your knowledge, not complicate the decision-making process. It should help put everybody in your organization on the same page.

2. People and machines work better together.

Machines can process and categorize raw data orders exponentially faster than humans. On the other hand, humans can perform intuitive, big-picture analysis much better than any artificial intelligence — as long as they’re not overwhelmed with sorting through huge data sets and doing tedious research. When people and machines are paired, each works smarter, saving time and money, reducing human burnout, and improving security overall.

3. Threat intelligence is for everyone.

No matter what security role you play, threat intelligence makes a difference. It’s not a separate domain of secu­rity — it’s context that helps you work smarter, whether you’re staffing a SOC, managing vulnerabilities, or making high-level security decisions. But to make things easier, not harder, threat intelligence should integrate with the solutions and workflows you already rely on, and it should be easy to implement.

Embracing a Broader Security Philosophy

These concepts guide and motivate all that we do at Recorded Future. And today, as organizations become increasingly cloud-based, distributed, and complex in their push for digital transformation, the need for actionable, automated threat intelligence for everyone has never been greater. Yet, as digital businesses continue to evolve, they’re being bombarded with cyber threats from all angles — from the open web and dark web, to partners and third parties, to brand attacks, to internal threats — and digital risk is at an all-time high. Without a true, comprehensive view of their entire threat landscape, organizations are vulnerable to attacks that could disrupt or even completely stop business.

As our team continues to innovate and evolve our solutions to help modern organizations proactively mitigate risk and stay ahead of threats of all kinds, we’ve embraced a broader philosophy for security that addresses holistic organizational risk in the digital age.

Security Intelligence: Greater Than the Sum of Its Parts

We call this comprehensive philosophy security intelligence because it goes beyond just threat intelligence (though threat intelligence remains a key principle), and encompasses digital risk protection and third-party risk management — all powered by our leading technology, the Security Intelligence Graph. This is not new technology for Recorded Future, but it is a new philosophy for how to amplify the effectiveness of security teams and tools. Embracing security intelligence as the common thread in exposing unknown threats, informing better decisions, and driving a common understanding, ultimately enables you to accelerate risk reduction across your organization.

Here is a look at each of the three principles of the security intelligence philosophy:

1. Threat Intelligence

Contextualized threat intelligence is a vital component of any truly proactive security intelligence strategy. Machine learning and automation make it possible to consume and analyze massive amounts of threat data from technical sources, technical research, open sources, and closed and dark sources. By correlating these relevant, real-time insights with internal network data, organizations can drive faster and more informed security decisions.

2. Brand Protection

Fake accounts, apps, and websites are often designed to profit from maliciously redirected or accidental traffic, but they can also result in major damage to an organization’s brand reputation. These accounts can host inappropriate content and target customers with phishing scams. Additionally, these fake domains can host malware or trick users into giving away their credentials, representing a serious security risk to consumers. Comprehensive security intelligence must include brand protection to help organizations quickly identify and respond to reputational threats to their brand and digital risks to their and their customers.

3. Third-Party Risk Management

Digital connections with suppliers, partners, contractors, agents, temporary workers, and others are now so critical that organizations share confidential and sensitive information with 583 parties on average. While these relationships undoubtedly add business value, they also introduce significant new risk and compliance challenges. Contextualized security intelligence helps organizations better analyze and understand risks originating from their third-party ecosystems, so they can address issues more quickly and confidently.

Looking Forward

Together, these three principles of security intelligence guide a comprehensive security strategy with broad, actionable intelligence at the foundation. Ultimately, security intelligence helps teams working in security operations, incident response, vulnerability management, risk analysis, threat analysis, fraud prevention, and security leadership make better, faster decisions and amplify their impact.

The newly released second edition of our popular book, “The Threat Intelligence Handbook: Moving Toward a Security Intelligence Program,” offers actionable best practices for organizations shifting toward this comprehensive security intelligence approach. Whether you are just starting a security intelligence initiative or are extending a mature program, the handbook is a must-read to help you efficiently reduce risk.

You can also take a behind-the-scenes look at how the technology behind security intelligence really works and enables security analysts to protect their organizations from present and future threats by downloading our new white paper on the Security Intelligence Graph.

This is only the start. Watch this space, as we will soon be publishing a series of blogs that explore each of these three principles of the security intelligence philosophy, how they reinforce each other, and how they can be addressed with a single technology platform.

Start making your move toward security intelligence today!

The post Moving Toward a Security Intelligence Program appeared first on Recorded Future.



from Recorded Future https://www.recordedfuture.com/security-intelligence-program/

Comments

Post a Comment

Popular posts from this blog

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Image
Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame
Read more

Krebs - NY Charges First American Financial for Massive Data Leak

Image
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties. First American Financial Corp. Santa Ana, Calif.-based  First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2 billion in 2019 . As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. The docum
Read more

SBS CyberSecurity - In The Wild 166

Image
  In The Wild - CyberSecurity Newsletter Welcome to the 166 th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. CyberRiskNOW Virtual Conference SBS Educational Resources This virtual conference is designed to provide interactive training on evo
Read more