Cybersecurity is one of the leading boardroom issues. If data is corrupted, deleted, or encrypted with ransomware by hackers who demand a fee to provide the unlock code, a targeted cyber-attack can cause chaos for a business, from both a financial and reputation perspective.
Indeed, a report by global insurer Lloyds of London said that attacks on computer operating systems run by a large number of businesses around the world could cause losses of $28.7 billion in terms of their financial, economic and insurance impact. As such, we’re seeing an increase in customer demand for services which ensure they can properly defend themselves from attacks which have the potential to put them out of company.
One way of addressing this growing concern is through the use of Cyber Threat Intelligence (CTI).
What is threat intelligence?
In recent years, there has been a misconception that threat intelligence is a flood of IP addresses, domains and hashes, meaning businesses struggle to cope with the volume of information or aren’t at the right maturity level to understand and use to their benefit.
Instead, CTI can be defined in many different ways. Whilst it can simply be a thread feed, threat intelligence can also be an invaluable early warning system in helping to identify and block potential threats before they escalate and become problems.
Why should organizations care?
With GDPR around the corner, every single business has an obligation to make data protection as much of a priority as the public, who are regularly asked to hand over financial and other personal data.
This is especially true when considering this latest report that revealed that a fifth of the UK public believe cybercrime and hacking are the biggest challenges facing the UK today – above global economic uncertainty and the skills gap.
It can be challenging in any corporate environment to express the severity of a vulnerability as not only a technical risk, but also as a financial, human and business risk.
As such, threat intelligence can be as simple as providing guidance on ‘protecting’ using basic defenses such as a patch management. Take last years’ NotPetya and Wannacry outbreaks as a prime example: the malware actually used an SMB vulnerability that simply needed patching.
If more businesses had used CTI then it is likely this would have been picked up many months earlier, helping to reduce the amount of trauma caused to many businesses during these attacks.
Adopting a more proactive approach
In the digital age where so much data is stored, reacting to attacks isn’t good enough. CTI is about utilising constant monitoring and smart analysis to block a threat before it does any damage – rendering it harmless.
Whilst customers are right to be worried about the next strain of cybersecurity incidents, combining vulnerability management with threat intelligence will be a great use case for protecting corporate environments.