September 1, 2016
Joe Franscella

Getting the Most out of Cyber Threat Intelligence Feeds

<p>An enterprise security configuration can be comprised of many different platforms and points of data collection. Using an application to collect, store, and analyze this data for threats requires user participation. One poll of security pros shows that <a href="" target="_blank">less than half are getting the full value</a> from their initiatives. To make the best use of the suggestions and alerts which come from your cyber security threat intelligence feeds takes ongoing thought and effort.</p><p>When you use a commercial threat feed package which comes with support, you should take advantage of the service. Ways to utilize support in non-crisis times:</p><ul><li>Access whitepapers</li><li>Watch webinars</li><li>Get suggestions on ways to improve settings</li></ul><p>Every threat intelligence configuration is different since no two user-to-network relationships are the same. It is up to the end user to install the various applications and configure their findings to be properly analyzed.</p><p>Customize and fine-tune cyber threat intelligence feeds to reduce excessive alerts. “Noise” in your notifications causes problems for the staff monitoring the notifications. Investigating redundant alerts wastes time; as does responding to false alarms. Accurate alerts will let you respond promptly and avoid the “boy who cried wolf” syndrome. If the platform offers suggestions alongside <a href="https://www.anomali/blog/how-to-sort-through-your-threat-intelligence-feeds">alerts in your threat intelligence feed</a>, by all means, use them!</p><p>Have you considered that there may be the means to a competitive edge hidden in your traffic? Refocus your attention back to your competition if you doubt the importance of cyber security. If your industry has multiple organizations offering the same products or services, customers use other criteria to choose. Avoid data breaches by looking in your cyber threat intelligence feeds for early indicators. Advance notice that someone is after this event can save you from a crisis. Similarly, if your competition is after your R&amp;D, client lists, etc. there will be evidence of access in your network traffic history.</p><p>You can even try ethical hacking. Yes, it’s legal. Ethical hacking is a self-examination technique that helps identify weak points in your cyber-security configuration by working from the outside in. Find a trusted party such as an IT security expert in house or hire out to <a href="" target="_blank">find a reputable consultant</a>. An expert or team of experienced security professionals will walk in an adversary’s shoes and attempt to breach your defenses using black hat techniques. If your cyber threat intelligence feeds fail to alert you to their presence, you must think of a solution.</p><p>An outsider may think to test areas you haven’t defended, so it’s best to put this task to someone who wasn’t involved in the planning or implementation of your system. Based on their experiences, you can alter your strategy as needed before actual threats discover the same vulnerabilities.</p><p>Tools are only as effective as the people using them allow. No cyber threat intelligence feed can protect a network used by careless or uninformed users. Make an effort to educate everyone about the importance of cyber security. Create policies defining the best practices you expect them to use. These policies cannot just sit in a binder in the IT control center. Rolling cyber-security policies into the main risk management strategy and overall conduct policy can ensure the expectations are made clear to new employees and included in performance reviews. It’s OK to limit file access and block domains in the name of saving the company’s future.</p><p>Accurate and efficient threat alerts can save your company from <a href="https://www.anomali/blog/what-a-bad-threat-intelligence-platform-could-cost-you">distress, lost productivity, and great financial liability</a>. Make sure you’re getting all the value possible from your investment in cyber security applications and experts.</p><p>Download the Security Intelligence and Information Sharing Strategy whitepaper and learn more about the new approach to threat intelligence using trusted collaboration.</p><p><span class="hs-cta-wrapper" id="hs-cta-wrapper-79cc3352-61a2-44b7-8b7c-6f25d759918c"><span class="hs-cta-node hs-cta-79cc3352-61a2-44b7-8b7c-6f25d759918c" data-hs-drop="true" id="hs-cta-79cc3352-61a2-44b7-8b7c-6f25d759918c" style="visibility: visible; display: block; text-align: center;"><a class="cta_button" cta_dest_link="{page_3458}" href=";placement_guid=79cc3352-61a2-44b7-8b7c-6f25d759918c&amp;portal_id=458120&amp;redirect_url=APefjpG-T9DbRGzFhpFbgrA_N1ex3V0uP-Gxee8VuquoaEvRzcTDrZfnXS-YzuH9VMKZJdT41qrrVGySGL_9_KhiUSGlHwwSw8BQc7ziyBtz_qBjcAWBpRnMzV9k1_ZEJkeDtfPefMLq6ONe9bZMfZYV2XCHkQqj6y_kcfu-jHe8VCWJq5mvvvH954Bsu0vxUbLbRvYTgIL-ofA5QfdkN2KJhsKyX-4MC8w4agrYd0qLyfZMjV-sAuLNodfhVE1gra5ZxXOFGvwRG02PnD2Ro5vB0WiA7K8zCtdxC9Qgb7TVRSRPPq6fvfdUKMuJgqsSF6d1bjmIuEoZNLAmrkRMBbZWCiQJI1BdNg&amp;hsutk=2767d93d6471d657e0c9f660e4b58ef8&amp;;;pageId=4337556591&amp;__hstc=41179005.2767d93d6471d657e0c9f660e4b58ef8.1456736058655.1478822660171.1478831861868.179&amp;__hssc=41179005.16.1478831861868&amp;__hsfp=1335165674" id="cta_button_458120_4f082f1c-a704-4df4-a627-a030c2f8e351" style="margin: 20px auto;" target="_blank" title="Download Here">Download Here </a> </span> <script charset="utf-8" src=""></script> <script type="text/javascript">hbspt.cta.load(458120, '79cc3352-61a2-44b7-8b7c-6f25d759918c', {});</script> </span></p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.