Threat Intelligence: What It Is and How to Use It Effectively

Threat Intelligence: What It Is and How to Use It Effectively

novembro 29, 2016 | NSFOCUS

By: Anil Nandigam, Sr. Director, Product Marketing, NSFOCUS

In today’s cyber landscape, decision makers constantly question the value of their security investments, asking whether each dollar is helping secure the business. Meanwhile, cyber attackers are growing smarter and more capable every day. Today’s security teams often find themselves falling behind, left to analyze artifacts from the past to try to determine the future. As organizations work to bridge this gap, threat intelligence (TI) is growing in popularity, usefulness and applicability. In its simplest form, TI is the process of understanding the threats to an organization based on available data points. But it goes beyond simply collecting data points; there must also be an understanding of how the data relates to the organization. Teams must combine data points with contextual information to determine relevant threats to the business. Furthermore, TI is useful to an organization only if it is actionable. If a team cannot determine how to best respond, combat or mitigate a threat to the organization, then the information provides little, if any, value.

The SANS Institute & NSFOCUS jointly issued a new white paper “Threat Intelligence: What It Is, and How to Use It Effectively” which seeks to help decision makers determine whether their organization

is ready to incorporate TI into their security program or, for more mature organizations already leveraging TI, how to use it more effectively. The following key points are examined in the paper:

  • How to define TI for your organization, while ensuring that you set appropriate expectations
  • How to source valuable TI, and best combine internal and external sources to meet your organizational needs
  • How to implement intelligence findings throughout the organization versus just collecting data points

The report focuses on techniques for integrating and acting upon TI—information that should be of value to organizations of all sizes. It is prudent for all organizations to be aware of the current threats confronting them and do their best to protect the business by implementing a TI strategy.

To read the full paper, visit: