With global cyberattacks surging, a never-ending list of software vulnerabilities being discovered around the world every hour and new data breaches being announced daily, how are enterprises evaluating, preparing for and responding to online threats?
From mobile threats to ransomware emergencies, from silent malware that specifically targets online banks to dealing with SSL encryption, the latest trends continue to tell a scary story.
Taking a step back: What are the right questions to be asking?
It’s called cyberthreat intelligence. And almost everyone seems to be interested. Well, at least most people at SecureWorld Expo events across the nation.
Gartner has defined threat intelligence as: “Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard.”
Over the past nine weeks, I have been the moderator of three different SecureWorld Expo panel discussions on the topic of the global cyberthreat landscape. The one-hour sessions were titled: Current Threatscape. (For more details, see the 1:15 p.m. panel description on this online agenda). Whether in Boston, Philadelphia or Atlanta, the industry expert brought up a long list of threat actors, vulnerabilities, cyberattack channels — as well as potential solutions to consider.
The SecureWorld Expo panelists came from a diverse group of security, technology and telecommunications vendors. For example, at the session this past week in Atlanta, the panelists included:
So what were the hot topics discussed? Were there common answers across events? Here are 15 of the good cyberthreat questions covered by the panels.
15 Cyberthreat Questions:
There were also some heated discussions related to attracting and retaining cybertalent, where you should spend your precious budget dollars and the need for better processes and procedures in responding to incidents.
Here is a recent SecureWorld Expo interview with Christopher Pierson on cyberthreats.
Cyberthreat Resources: Answers Please?
Yes, there were and are panelist answers to all of these questions. Still many of the solutions offered are evolving and continue to challenge even the best and brightest.
Here are a few industry resources that can help in your research as well as point you toward an overall framework/strategy in dealing with cyberthreats.
How are these online threats playing out in terms of government and private-sector businesses around the world? There is a long list of relevant headlines related to cyberthreats and response. Here are a few recent actions and related stories on this topic:
This topic is also an important cybersecurity focus that I will keep coming back to every six to seven months. My past blog from 2015 described emerging cyberthreats, and many of the 2016 predictions laid out the expectations for this year. Many of these cyber predictions are coming true — especially on ransomware.
What are the best resources that your organization uses regarding cyberintelligence and online threats? Feel free to leave a comment with recommended solutions.