Thinking outside the box for threat intelligence
Angela Moscaritolo | November 16, 2010
[SOURCE]
- The goal should be to prevent threats, rather than to respond to them. And, to ultimately help solve business problems, security professionals must first know what the problems are.
- “Spend no more money on technology,” Baich recommended. “Operationalize what you've got.”
- Organizations today have a myriad of layered security solutions, which are capturing a wealth of data that is often never pulled together and correlated, he said. In addition, a number of external sources exist to provide information about threats and vulnerabilities.
- By correlating all of this internal and external intelligence, a lot can be told about the threats targeting an organization, Baich said. Many IT security professionals, however, are failing to correlate intelligence data and make it actionable to the business.
- “We're running around like chickens with our heads cut off trying to plug holes,” he said. “We chase vulnerabilities rather than understanding why we're targeted.”
- The focus of a threat intelligence initiative should not just be to identify emerging risks, but to understand why they are relevant to the organization, Baich said.
No comments:
Post a Comment