This is not just a promotional post. This is my first Cyware blog post, and I want it to come off as authentic, educational, and helpful for folks reading this, and certainly to provide those considering registering for our webinar Thursday (28th January) at 11:00 am EST, with a transparent look at what we’ll be presenting.
Sure, the core topic we’ll be discussing is threat intelligence and how operationalizing it might look different depending on the organization, the team, the cybersecurity model or framework the program is built on, and the maturity of the program.
And there are several threat intelligence platforms (TIPs) in the market and many different threat intelligence feeds - some open-source and some commercial. And there are also many flavors of IOCs depending on variables like systems, geography, and industry. The goal is to give you a unique viewpoint on how organizations, mainly mid-market firms, can successfully implement a threat intelligence function.
The Role of Threat Intelligence
ISACs are a great example of taking a next-generation collaborative approach in sharing threat intelligence at the industry level. At Cyware, we partner with ISACs to deliver our threat intelligence platform which organizations can leverage to share within their groups for internal security.
That said, threat intelligence is often overlooked or potentially mismatched in terms of where it fits in an organization’s security maturity model. According to a Forrester report, less than half of organizations have a dedicated threat intelligence function. And of those companies, a mere 4% have the means to measure threat intelligence.
Another interesting nugget about threat intelligence is that the threat intelligence function, often depending on the maturity of the security operations center (SOC) and the personnel, is slightly segregated and not necessarily part of the operational security team.
Last week, I had a fantastic conversation with Brian Kime, Senior Analyst, Forrester, on threat intelligence and how that fits into disparate cybersecurity teams. He confirmed this notion for me, that as a former threat intelligence analyst, many times, the intelligence team isn’t 100% synched with the SOC team.
Don’t Miss It!
If you register for our webinar on Thursday, we will cover a few interesting discussion points around threat intelligence, where and how it fits into a mid-market security model, and what challenges teams face. We will outline those challenges from a business standpoint, and our SME Neal Dennis will discuss the intricacies of the implementation of threat intelligence, and how that will improve your mid-market security program. We’re especially excited to have our partner Polyswarm join the session to provide insight on how threat intelligence enrichment can take your threat intelligence program to new heights when implemented during the right security maturity. Welcome, Polyswarm!
--Tom Bain (VP of Marketing, Cyware)