‘Early Warning Threat Levels’ to Proactively Respond to Cyberattacks

ISAC May 12, 2020

A new feature, “Threat Levels”, has been introduced in the Cyware Situational Awareness Platform (CSAP) version 2.3. Threat Levels is an early-warning system for security readiness that security teams can use to alert their information-sharing partners to the level of ongoing threat activity.

The feature comes with the following capabilities:

Create custom threat activity levels with defined preparedness measures

  • Threat Levels can be understood from the simple example of any video game. Let’s take the example of the popular video game “Super Mario”.

  • As Mario moves from one level to another, he faces increased difficulties and obstructions (bad actors) in his journey to meet the princess (goal).

  • Similarly, a shift from one threat level to a higher one indicates an increased level of malicious activity. Likewise, a shift in the reverse direction indicates a decrease in the level of threat activity.

You can create your own custom threat levels and map them to the level of security preparedness that organizations should put in place.

Alert security teams to ongoing threat activity level

Some examples of how this capability can be used are:

  • Enterprises can warn their security teams and vendors with whom they share information about the ongoing level of malicious activity.

  • ISACs/ISAOs can warn their members against sector-wide threat activity.

  • MSSPs can warn their clients against the ongoing threat activity that poses risk to all of them.

  • CERTs can warn federal, state, and local constituents against the ongoing threat activity at the respective scale.

Summary

Threat Levels is an added capability of CSAP that sharing communities, MSSPs, CERTs, and enterprises can leverage to secure their extended security perimeter and create an environment of security readiness and preparedness to proactively counter threats.
