Is Your Threat Intelligence Platform Just a Tool?
“If the only tool you have is a hammer, you tend to see every problem as a
nail.” Abraham Maslow
Throughout the enterprise there are security personnel using a variety of
processes and tools to conduct their incident response, network defense, and
threat and risk analysis. Security team efforts haven’t been integrated, or
if they are integrated, it is only through rudimentary technologies like
email, spreadsheets, a SharePoint portal, or a ticketing system. These
techniques, although better than nothing, do not scale as the team grows and
the number of malicious events and security processes increases. We saw this
same problem with other parts of the business, and platforms were created to
support them in their quest for automation, collaboration across use-cases,
and better management processes. For example, People... (more)
Cyber-attacks make headlines on a daily basis. The news media commands
attention by publicizing high profile cases – well-known companies,
enormous losses, and serious consequences. With all the focus on the big
guys, it’s easy to overlook the fact that no business demographic is immune
from cyber-attacks. In fact, recent reports estimate that small companies,
those with fewer than 500 employees, may be experiencing as many as half of
all targeted cyber-attacks. Half!
Who is attacking the small business and why?
The threat to the small business is the same as any business. ... (more)
Twitter on Ulitzer
Last night Twitter.com was hacked by a group purportedly titled the Iranian
Cyber Army, at least that is what people think based on the fact that this
group advertised they were responsible by displaying a redirected web page
with an Iranian flag and text that takes credit, saying "This website has
been hacked by the Iranian Cyber Army". This morning another website
(mawjcamp.org), which appears to be a Iranian Reformist website based outside
of Iran was also found to have been hacked.
This event comes at a time when the United States Government is saying that ... (more)
Last week, Anton Chuvakin from Gartner wrote a blog about what he is
calling an Intelligence Management Platform. He includes some thoughts by
Facebook on how they are building their own platform. He alludes to
non-public sources and I’m sure ThreatConnect™ is one, so rather than
keep you all in suspense, I thought this would be an opportune time for
ThreatConnect to say what we think a Threat Intelligence Platform is.
Rick Holland from Forrester said recently at a SANS conference that the
threat intelligence platform is like the quarterback of your operations. The
threat intel... (more)
I was part of a panel titled “Developing Security Strategies to
Successfully Combat Sophisticated Threats to your Network, while Protecting
Customer Privacy” at the TM Forum conference two weeks ago. Given the
topic, and the interesting conversation, I wanted to highlight some of the
ideas expressed around sophisticated threats.
Verizon’s Marc Spitler, and AT&T’s Brian Rexroad. Daniel O’Donnel from
Network Critical and Ajay Uggirala from NetScout, and Martin Huddleston from
United Kingdom (UK) Ministry of Defense (MoD) accompanied me on the panel.
In essence, cyber-attack is big... (more)