May 25, 2016
-
Joe Franscella
,

4 Tools For The Best Cyber Threat Management

<p>Cyber threat management is a combination of advanced threat research tactics and proactive internal policies. Technical solutions are tools which must be used in kind with general best practices in order to be effective. Your security plan must <a href="{page_3248}">account for human fallibility</a>.</p><p>These are the four components of an integrated threat prevention plan.</p><p><strong>Software</strong> programs which guard against online threats are continually striving to create the most effective cyber threat management tools. These applications have been <a href="http://techsalsa.com/first-computer-virus-and-first-antivirus/" target="_blank">around for decades</a>. The need for anti-virus software came soon after the advent of the Internet. Threat management programs are available for users of any scale, from an entire corporate network or a single PC.</p><p>Online threat protection programs must collect, analyze, share, and leverage intelligence. Tools can collect intelligence from internal and external sources. Based on knowledge about invasive activity and suspicious patterns, applications can send a warning when certain suspicious conditions are present. These patterns can be spotted based on sharing of past threat intelligence data. Similarly, your existing threat management software must somehow <a href="http://www.brookings.edu/research/opinions/2015/01/20-will-sharing-cyberthreat-information-help-defense-united-states-bejtlich" target="_blank">contribute its data to the greater good</a>.</p><p>Leveraging knowledge synthesized from traffic data against the most current threat profiles is where different protection tools differ. Known bots, Trojans, etc. can be blocked passively once they have been identified, and the solution has been written into an update. Each developer races to the cure each time a new virus is introduced.</p><p>In the brief time cyber threat management has been around it has grown exponentially to match with its threats. Advancements in criminal ingenuity have begun to develop threats armed with simple artificial intelligence. AI is likely to see an explosion in development, and similarly human intelligence must rise to the occasion.</p><p><strong>Education</strong> is a tactic that should not be overlooked. Understanding the principles of data security is important for every level of staff. Purchasing software is a large commitment and an important investment. If this choice is to be made by executives, they feel more confident about their decision with an at least basic understanding of threats and up to date information about best practices for responses. All staff should be educated about <a href="http://www.cdse.edu/toolkits/fsos/security-education.html" target="_blank">online security as part of their training</a>.</p><p>Authentic learning environments cannot be bought. Like a garden, a culture of respect for the importance of the network and threat awareness must be cultivated with time and effort. One seminar after a disaster will not have a lasting effect on your company computer culture as regular, meaningful dialogues. Consistency is key to foster a company culture that is genuinely mindful of security.</p><p><strong>Cyber-security staff</strong> - For the sake of this discussion we will refer to your IT department as tools. Sound familiar? This line of work attracts ambitious, intelligent and curious minds. Leveraging their enthusiasm can make or break the success of your cyber threat defenses. Depending on how invested they are in their position, they may leverage their problem-solving skills and provide valuable insights.</p><p>System administrators are often asked to weigh in on the selection of security products. In this case, they may have hands on knowledge but lack sufficient experience or authority to set an appropriate budget. Establishing an open dialogue between the network manager and operational managers well in advance of a product demo – or an actual emergency sets both parties up to perform their roles better.</p><p>No “tech guy”? No way. Regardless of title, somebody is the first responder for computer issues. If you outsource IT services, take care to support whoever liaises to the representatives. Empower your go-between with whatever knowledge or authority they need to get the best value from the service.</p><p><strong>It’s Good Policy</strong> - Be proactive about cyber threat management procedures. Implement staff’s collective knowledge by clearly <a href="https://www.fcc.gov/general/cybersecurity-small-business" target="_blank">communicating expected behavior via policy</a>. Assuming everyone knows not to download viruses doesn't account for human fallibility. The likelihood that even one employee might think “downloading music doesn't count” is too great to take a chance on. Outline web use and data security policies in brief, clear statements so that staff will refer to them. Prevent “honest mistakes” with clear policies warning against outside emails, downloads, etc. Even the most dedicated employees can commit grave mistakes if they underestimate their role in the cyber security system.</p><p>Want to know more about a new threat intelligence model, the Security Incident Response Matrix (SIRM)? Download this free whitepaper!</p><p><span class="hs-cta-wrapper" id="hs-cta-wrapper-b53c0f45-fcb8-4ba6-a11f-9aca8537b985"><span class="hs-cta-node hs-cta-b53c0f45-fcb8-4ba6-a11f-9aca8537b985" data-hs-drop="true" id="hs-cta-b53c0f45-fcb8-4ba6-a11f-9aca8537b985" style="visibility: visible; display: block; text-align: center;"><a class="cta_button" cta_dest_link="{page_3452}" href="https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/c/?cta_guid=0b18662a-88cf-40b3-af83-56f3867555f6&amp;placement_guid=b53c0f45-fcb8-4ba6-a11f-9aca8537b985&amp;portal_id=458120&amp;redirect_url=APefjpGZvOrqTm_mC0-uUQYIS_ELh8T54uSqnbIuMQVJN7Uh_EcPFd5urF0YNXbXHLrBB4EqhQma9fPHQMTHx06fUiAr3-9Ogzar31NXZFl0bdPiDoWA9ea_wU9rNj8T5Evq9w6B179Du-G4ku2JLKJwN1Gpct9uMMMC9DyQKpesQpvRu-j3Td8opab-Bmefj3YVQdd6AWF0GmtUKLPbMjJofROqIUrosurYZVzDZgrG3nypSVMTZSHtJACZPgRz2TS2g60ZpkDsWwuy6zGUgL21VNRS4YVSaSnez21u5t6jKeWTU4t7d9-vopQCmoepKFbTAPPOVQTtjZ_Q-FHHLxYmjHZ1-uvmxQ&amp;hsutk=2767d93d6471d657e0c9f660e4b58ef8&amp;utm_referrer=https%3A%2F%2Fblog.anomali.com%2F4-tools-for-the-best-cyber-threat-management&amp;canon=https%3A%2F%2Fblog.anomali.com%2F4-tools-for-the-best-cyber-threat-management&amp;pageId=4149417412&amp;__hstc=41179005.2767d93d6471d657e0c9f660e4b58ef8.1456736058655.1478831861868.1478887113345.180&amp;__hssc=41179005.19.1478887113345&amp;__hsfp=1335165674" id="cta_button_458120_0b18662a-88cf-40b3-af83-56f3867555f6" style="margin: 20px auto;" target="_blank" title="Download Here">Download Here </a> </span> <script charset="utf-8" src="https://js.hscta.net/cta/current.js"></script> <script type="text/javascript">hbspt.cta.load(458120, 'b53c0f45-fcb8-4ba6-a11f-9aca8537b985', {});</script> </span></p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.