Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Cyber Threat Intelligence and the Market of One 

Expanding Beyond Generic Threat Intelligence to Cyber Situational Awareness Empowers Organizations to Make More Informed Security Secisions

Expanding Beyond Generic Threat Intelligence to Cyber Situational Awareness Empowers Organizations to Make More Informed Security Secisions

The shift away from one-size-fits-all to viewing every individual customer as a “market of one” was pioneered by companies like Levi’s, Dell and Amazon. Jeans that fit you exactly, PCs made to order and products recommended to you based on previous purchases, all exemplify the move from delivering standardized value through mass production to creating customer-unique value through mass customization. This method for approaching markets is now widely embraced. Customers benefit by getting precisely what they want and need while companies, with a better understanding of their customer base, can deliver tailored products and services that provide more value.

It’s time to apply this way of thinking to security, specifically cyber threat intelligence.

Cyber Threat IntelligenceAttackers never rest and neither can organizations in their quest for better threat protection and risk mitigation. While cyber threat intelligence (CTI) has helped evolve the effectiveness of our defenses by providing greater insights into threats and threat actors, we need to do more. Data feeds, vulnerability feeds, indicators of compromise (IOCs) and profiles of threats and research reports will continue to be pertinent. Indeed, CTI provides a solid foundation to understand threats. But what’s lacking is cyber situational awareness that provides a more holistic and specific view of threats and vulnerabilities relevant to an organization.

Cyber situational awareness shifts from only delivering generic threat intelligence that informs, to also delivering specific information to defend against adversaries launching targeted attacks against an organization or individual(s) within an organization.

Cyber situational awareness brings together all the information that an organization possesses about itself such as its people, risk posture, attack surface, entire digital footprint and digital shadow (a subset of a digital footprint that consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary). Information is gathered by examining millions of social sites, cloud-based file sharing sites and other points of compromise across a multi-lingual, global environment spanning the visible, dark and deep web.

Cyber situational awareness provides relevant and contextual insight based on data that is company specific and pertains to the industry, company size and geography. For example, this data might include confidential documents posted on websites, employee credentials, and even information about key suppliers that could be used to infiltrate an organization’s network. Cyber situational awareness also analyzes and provides information on which malicious actors might be targeting an organization, why and their methods of attack. As a result, it gives organizations the upper hand with the adversary, allowing them to prioritize and mitigate a harmful event and regain control of their unique digital shadow.

Perhaps even more important, cyber situational awareness is designed to generate forward-looking assessments—tactical, operational and strategic. This helps organizations to understand what they need to do right now to stop attacks and mitigate risk, as well as how make the right investments to align their security postures in the longer term for more effective defenses. Taking this approach provides a more holistic understanding of the security issues surrounding the organization.

Expanding beyond generic threat intelligence to cyber situational awareness empowers organizations to make much more informed security decisions based on a truly comprehensive view of their potential threats, attack vectors, brand risks, data loss risks and profile of their attackers. By applying the proven market of one approach to threat intelligence, security professionals get exactly what they want – and need – unique insights that allow them to protect against threats that are most relevant and present the greatest risk.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Threat Intelligence

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

Cybercrime

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Threat Intelligence

Enhancing cybersecurity and compliance programs with actionable intelligence that adds insight can easily justify the investment and growth of threat intelligence programs.

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Management & Strategy

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released...