With global cyberattacks surging, a never-ending list of software vulnerabilities being discovered around the world every hour and new data breaches being announced daily, how are enterprises evaluating, preparing for and responding to online threats?
From mobile threats to ransomware emergencies, from silent malware that specifically targets online banks to dealing with SSL encryption, the latest trends continue to tell a scary story.
Taking a step back: What are the right questions to be asking?
It’s called cyberthreat intelligence. And almost everyone seems to be interested. Well, at least most people at SecureWorld Expo events across the nation.
Gartner has defined threat intelligence as: “Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard.”
Over the past nine weeks, I have been the moderator of three different SecureWorld Expo panel discussions on the topic of the global cyberthreat landscape. The one-hour sessions were titled: Current Threatscape. (For more details, see the 1:15 p.m. panel description on this online agenda). Whether in Boston, Philadelphia or Atlanta, the industry expert brought up a long list of threat actors, vulnerabilities, cyberattack channels — as well as potential solutions to consider.
The SecureWorld Expo panelists came from a diverse group of security, technology and telecommunications vendors. For example, at the session this past week in Atlanta, the panelists included:
Greg Simmons, Peak 10 Kevin Peterson, Zscaler Jerrod Piker, Check Point Rohit Kinra, Verisign John Ode, Cisco Ron Winward, Radware
So what were the hot topics discussed? Were there common answers across events? Here are 15 of the good cyberthreat questions covered by the panels.
15 Cyberthreat Questions:
Here is a recent SecureWorld Expo interview with Christopher Pierson on cyberthreats.
Cyberthreat Resources: Answers Please?
Yes, there were and are panelist answers to all of these questions. Still many of the solutions offered are evolving and continue to challenge even the best and brightest.
Here are a few industry resources that can help in your research as well as point you toward an overall framework/strategy in dealing with cyberthreats.
- US CERT Current Activities
- Symantec Internet Threat Report
- McAfee Labs Threats Report
- Forcepoint 2016 Global Threat Report
- Trend Micro Current Threat Activity
- FireEye/iSight Partners
How are these online threats playing out in terms of government and private-sector businesses around the world? There is a long list of relevant headlines related to cyberthreats and response. Here are a few recent actions and related stories on this topic:
- The Reserve Bank of India mandates new policies to keep hackers at bay.
- How Ransomware Affects Hospital Data Security
- Maybe Wall Street has the Solution to Stopping Cyber Attacks
What are the best resources that your organization uses regarding cyberintelligence and online threats? Feel free to leave a comment with recommended solutions.