As the cyber threat landscape continues to evolve, it's important to have tailored, actionable intelligence you can use to anticipate cyber attacks and data leakage. Organizations need to start looking beyond their perimeter to monitor their digital footprint and view their organization like an attacker would. However, this takes specialized skills and resources to conduct threat hunting, detecting, analysis and response. Therefore, you need to be able to tailor the threat intelligence gathering process so that alerts are specific to your organization, and your team doesn't get overwhelmed with meaningless notifications.
The need for tailored threat intelligence is outlined in the Optiv 2018 Cyber Threat Intelligence Estimate report, which is based on security digital footprint assessments conducted by Optiv’s Global Threat Intelligence Center (gTIC) in 2017. IntSights is proud to be a key contributor to this year report, providing data and research around global threat types and trends.
The 2018 Cyber Threat Intelligence Estimate: Report Overview
The report has three key contributing sets of data:
- Basic Intelligence: Some threats focus on certain types of organizations. For instance, there are campaigns against financial institutions that spread banking-focused malware. An organization should be aware of the threat activity in their particular business vertical because it can prepare them for similar exploits.
- Current Intelligence: Threat actors are not always interested in every technology. Certain technologies may lend themselves to certain applications. For example: Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) devices are common in manufacturing and utility providers. Companies who work with ICS or SCADA devices should follow security developments the specific technologies. A threat actor targeting ICS or SCADA is often very skilled acquiring sample devices.
- Estimative Intelligence: A specific threat actor or group of actors attribution to a cyberattack is notoriously difficult and prone to false positives. The information gathered and learned from the threat actors becomes a glue that can tie together targets, technologies, and campaigns, even if it is difficult to identify the specific actor.
The report is designed to be a forward-looking view reflecting the cyber threat landscape to help organizations mitigate risk and strengthen their defense postures.
Download Optiv's CTI Estimate report to learn more about the current threat intelligence landscape.