A study by Gartner called “Security and Risk Management Scenario Planning, 2020” found that by the year 2020, 30% of all global 200 companies will have been directly impacted by independent cyber criminals or cyber activists. It’s not a totally surprising claim because most organizations focus on control gaps and vulnerabilities when performing their risk assessments while they neglect to take threats into account. This is due to the fact that threat strategies, competences, and actions are hard to determine.
At the 2014 RSA Conference, a major topic was threat management and intelligence. Not only were the topics covered in workshops and presentations, but a large number of vendors showcased their newest security threat technology. The goal was to assist security professionals in strengthening their existing security protocols with better visibility.
For a security incident to occur, there must be a vulnerability present in some form, such as:
Then a threat must discover and exploit that vulnerability. Typically, security professionals have no control over the threats that affect their business, which has in the past led to neglecting threats as part of risk assessment. Instead the focus is put on more visible facts like vulnerabilities and control failures. But the amount of vulnerabilities facing businesses today has expanded at staggering rates – it’s nearly impossible to deal with all of them without trying to determine the likelihood that they will be exploited.
By 2020, Gartner predicts that 25% of global enterprises will engage in services of a “cyberwar mercenary” organization, including threat intelligence services. Subscribing to these services is cost-prohibitive for many businesses because subscriptions run up to hundreds of thousands of dollars each year. Plus, threat intelligence is not yet a mature market with inherent weaknesses such as the lack of measurement parameters (like reliability of information and risk assessment).
Threat intelligence services add to the volume, velocity, and complexity of data feeds that need to be analyzed and prioritized. They require experts who can go through huge volumes of information to correlate threat intelligence, vulnerability data, and other files.
Luckily, new technology is always emerging, and with big data risk management it will be easier not only to combine different threat intelligence feeds, but also associate security data with its business criticality or risk level to the organization.
Absolutely amazing. Matthew came to the office and worked with the laptop I had tried to fix myself. He listened carefully to what I reported, then worked with it for over an hour. He asked if he could take it back to his office to work with it. I agreed on the basis of a two-hour billable cap. He took it back to his shop, I’m sure spent way more than two hours fixing it, and returned to me a laptop I scarcely recognized–faster, working wireless, updated Cisco VPN software–perfection. In the course of his magic, he was always available to discuss the configuration, asked all the right questions and gave the right answers. He met the deadline I imposed. The service was so impressive that I asked about future availability to deal with a small business network if help was needed. There’s a team of folks ready to help.”