Monday, September 28, 2015

Sign of the times: “If you don’t know where you are going, you’ll end up someplace else” Yogi Berra

Is baseball still America's pastime, or is it cybersecurity? Perhaps not a good comparison, but the message from the late Yogi has some synergy, as cybersecurity has become a discussion at all levels now, i.e., from hackers to boards of directors…
A couple of key points from "Definitive Guide to Cyber Threat Intelligence" by Friedman and Bouchard:
  • 3 levels that each require a specific message depending on audience: Tactical, Operational and Strategic – what not to fear vs. what to react to
  • Cast a wide net when looking at assets, since threats, adversaries, targets and weapons vary
  • Large volumes of data do NOT equate to intelligence; instead, know your indicators, realize the threat feeds, and understand the tactics, motivation and intent
  • Good validation and prioritization lead to accurate dissemination of intelligence and message
  • Pivot from attack/detect to analysis of complex attacks via the right balance of triage, prioritization, remediation, and management (investment and communication)
  • A strategic roadmap must value gap analysis with investment priorities, a central knowledge repository with automated workflow, and "hunt mission" capability – anticipate hosts' likely threats, aggressively search for indicators, and reveal attacks in the earliest stage
  • Finally, consider various levels of partnership, since no one can do it alone
