Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Cyber Threat Intelligence and the Market of One 

Expanding Beyond Generic Threat Intelligence to Cyber Situational Awareness Empowers Organizations to Make More Informed Security Secisions

Expanding Beyond Generic Threat Intelligence to Cyber Situational Awareness Empowers Organizations to Make More Informed Security Secisions

The shift away from one-size-fits-all to viewing every individual customer as a “market of one” was pioneered by companies like Levi’s, Dell and Amazon. Jeans that fit you exactly, PCs made to order and products recommended to you based on previous purchases, all exemplify the move from delivering standardized value through mass production to creating customer-unique value through mass customization. This method for approaching markets is now widely embraced. Customers benefit by getting precisely what they want and need while companies, with a better understanding of their customer base, can deliver tailored products and services that provide more value.

It’s time to apply this way of thinking to security, specifically cyber threat intelligence.

Cyber Threat IntelligenceAttackers never rest and neither can organizations in their quest for better threat protection and risk mitigation. While cyber threat intelligence (CTI) has helped evolve the effectiveness of our defenses by providing greater insights into threats and threat actors, we need to do more. Data feeds, vulnerability feeds, indicators of compromise (IOCs) and profiles of threats and research reports will continue to be pertinent. Indeed, CTI provides a solid foundation to understand threats. But what’s lacking is cyber situational awareness that provides a more holistic and specific view of threats and vulnerabilities relevant to an organization.

Cyber situational awareness shifts from only delivering generic threat intelligence that informs, to also delivering specific information to defend against adversaries launching targeted attacks against an organization or individual(s) within an organization.

Cyber situational awareness brings together all the information that an organization possesses about itself such as its people, risk posture, attack surface, entire digital footprint and digital shadow (a subset of a digital footprint that consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary). Information is gathered by examining millions of social sites, cloud-based file sharing sites and other points of compromise across a multi-lingual, global environment spanning the visible, dark and deep web.

Cyber situational awareness provides relevant and contextual insight based on data that is company specific and pertains to the industry, company size and geography. For example, this data might include confidential documents posted on websites, employee credentials, and even information about key suppliers that could be used to infiltrate an organization’s network. Cyber situational awareness also analyzes and provides information on which malicious actors might be targeting an organization, why and their methods of attack. As a result, it gives organizations the upper hand with the adversary, allowing them to prioritize and mitigate a harmful event and regain control of their unique digital shadow.

Perhaps even more important, cyber situational awareness is designed to generate forward-looking assessments—tactical, operational and strategic. This helps organizations to understand what they need to do right now to stop attacks and mitigate risk, as well as how make the right investments to align their security postures in the longer term for more effective defenses. Taking this approach provides a more holistic understanding of the security issues surrounding the organization.

Expanding beyond generic threat intelligence to cyber situational awareness empowers organizations to make much more informed security decisions based on a truly comprehensive view of their potential threats, attack vectors, brand risks, data loss risks and profile of their attackers. By applying the proven market of one approach to threat intelligence, security professionals get exactly what they want – and need – unique insights that allow them to protect against threats that are most relevant and present the greatest risk.

Advertisement. Scroll to continue reading.
Written By

Alastair Paterson is the CEO and co-founder of Harmonic Security, enabling companies to adopt Generative AI without risk to their sensitive data. Prior to this he co-founded and was CEO of the cyber security company Digital Shadows from its inception in 2011 until its acquisition by ReliaQuest/KKR for $160m in July 2022. Alastair led the company to become an international, industry-recognised leader in threat intelligence and digital risk protection.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cybercrime

Deepfakes, left unchecked, are set to become the cybercriminals’ next big weapon

Cybercrime

The top five categories of Bad Bot attacks are fake account creation, account takeovers, scraping, account management, and in-product abuse.