Blog_Header.jpg

IntSights' Blog

How to Build an Effective Threat Intelligence RFP

by Nathan Teplow / May 10, 2018

With the cybersecurity threat landscape growing and evolving rapidly, many enterprises and other large organizations are seeking more effective ways to protect themselves and their employees from these threats. Threat intelligence platforms can help you take a more proactive approach to managing cybersecurity. By translating early warnings and imminent threats into specific security actions, you can significantly reduce your risks and preemptively mitigate attacks. To meet these goals, you need a platform that combines external data collection, cyber intelligence algorithms and live human analysis into an integrated, scalable, and manageable package. There are a range of quality threat intelligence platforms to choose from. The challenge you face is determining which solution is best for your unique needs and business requirements.

What Features to Include in Your RFP

Overall, threat intelligence solutions should help your team identify and prioritize issues that impact your specific organization and assets. You don’t want to burden your team with more alerts, feeds and irrelevant Indicators of Compromise (IOCs).

Here are some of the key features you should look for in a Threat Intelligence solution that will help you cut through the “threat feed” clutter and find actionable intelligence. Be sure to include these in your Request for Proposal (RFP).

Dark Web Monitoring

Protecting your organization without Dark Web monitoring is like trying to defend a castle without any watch posts. Attackers often tip their hands by doing things on the surface, deep and dark web like scouting targets, using suspicious tools, and collaborating with other hackers. This insight can be incredibly valuable in helping you thwart attacks before they hit your organization. Next-generation threat intelligence platforms provide continuous scanning and sophisticated data mining capabilities to identify signs of pending cyber attacks.

Brand Protection

The larger your corporate brand and reach, the bigger the target is on your back. It takes lots of time, effort, and money to create a brand and build brand equity. That’s what makes it so valuable to you – and so attractive as a target for hackers. Next-generation threat intelligence platforms provide real-time scanning of external sources to detect tampering that could negatively affect your organization’s reputation including your organization’s domains, IP addresses, mobile applications, and social media pages.

Credential Leakage

The easiest and most effective way for any criminal to succeed is with direct, credentialed access to protected systems. Stolen emails and passwords are some of the most valued information on the Dark Web, and unfortunately social engineering campaigns and gaps in security processes leave them exposed and easily attainable. Advanced threat intelligence platforms provide near real-time notification of credential leakage incidents and automate remediation processes.

VIP Protection & Monitoring

Gone are the days when executive protection only extended to physical security. With the amount of information on the web and social media, it’s become incredibly easy to launch targeted attacks against company executives. And it’s not just executives; organizations need to worry about cybersecurity for other senior people associated with their businesses, including investors, board members, and advisors. Next-generation threat intelligence platforms provide continuous, customized scanning of a wide range of online sources, including email and social media sites to ensure real-time notification of criminal attempts to spoof executive personas.

Fraud Detection

Most organizations have a range of IT security tools in place, such as firewalls, gateways, IDS/IPS, and malware detection systems. They’ve also taken steps to integrate and further harden those systems. With these tougher defense-in-depth measures to beat, many hackers now use fraud instead. Advanced threat intelligence platforms identify data stolen in fraud schemes and criminal attempts to sell those items on the black market, such as social security numbers, credit card or bank account numbers of your employees and customers.

Vulnerability Prioritization

Given how fast the threat landscape grows and changes, manually correlating threat and exploit data to vulnerabilities is no longer a viable strategy. Automation is a must. Advanced threat intelligence platforms understand the risk, urgency, and potential impact of exploits to your organization’s specific vulnerabilities, enabling you to prioritize activities and quickly understand what’s most important.

Incident Response & Threat Hunting

In any adversarial situation, it’s critical to study and know your enemy. Next-generation threat intelligence platforms provide IT Security & SOC teams visibility into potential threats, and also show detailed trends and campaign data for in-depth threat investigation, monitoring and engagement.

Threat Intelligence RFP Development Framework

To help you build an effective Threat Intelligence RFP, we’ve developed an RFP framework, which includes questions you should ask in your RFP, key features to evaluate and a template you can use to submit to threat intelligence vendors.

Threat Intelligence RFP Development Framework
Download Now

Tags: Threat Intelligence White Papers

0 Comments
previous post Are Your Employees Exposing Login Credentials Through Collaboration Tools?
Next Post WannaCry Outbreak Anniversary: What We Really Learned Over the Past Year
Nathan Teplow

Nathan Teplow

Nathan is a Senior Product Marketing Manager at IntSights, responsible for the company's positioning, messaging and content strategy. He has worked in IT and cybersecurity marketing for over 5 years, holding a number of different roles across product marketing, marketing programs and content marketing. In his free time, he enjoys staying active, being outdoors and following any and all Boston sports teams.