Threat intelligence platforms are more than plug-and-play network protection alarms. Antivirus software is only one component of a cybersecurity system. It's now possible, and recommended, to integrate traffic logs into one common application. When traffic logs from all corners of your digital holdings are analyzed together, more threats are detected in advance.
What can happen to you individually without one? This week a historic breach of 500 million accounts made national headlines. The hack, which occurred in 2004 but was just recently discovered, was attributed to state-sponsored hackers. With access to user emails, hackers could potentially access users' work, secrets, and even enough information to crack other accounts.
Why are they important to the USA as a whole? Private sector businesses have been targeted by organized hackers. Foreign companies understand the value in pirating data that is useful and expensive to produce. Governments are supporting teams or well-organized attempts to steal research and development of healthcare innovations, advancements in other scientific technologies, and even private media creations.
The US military relies on the web and short-range tech like Bluetooth as much as it relied on wired and radio-transmitted information in the past. Enemies of the state who successfully intercept and decrypt military intelligence can be incredibly dangerous to troops and domestic targets. The US has signed an agreement with China to cease organized hacks; China had previously perpetrated hacks valued at over $445 billion annually. Countries with which we have hostile or uncertain relationships have been identified as responsible for hacks; however, there are potentially more undiscovered or new threat actors on the horizon. For example, it is suspected that Russia was responsible for the recent DNC breach, which potentially affected the presidential election.
The US government has adopted a bill encouraging a unilateral effort to expose and stop cyber-crime. CISA, the Cybersecurity Information Sharing Act, mandates that government entities use threat intelligence platforms to collect and share data about hacks and other sorts of malicious or intrusive traffic. This legislation applies to government agencies and contractors who work for the government. CISA is not mandated yet for private data-holding industries like banks or healthcare providers; however, that may be a reasonable expectation in the future.
Larger corporations are adopting more thorough policies and threat intelligence platforms as the return on investment for cyber-threat intelligence is substantiated. The challenge is greater for small to medium-sized businesses, which have fewer resources to adopt the most sophisticated security platforms. SMEs often go under within six months of a hack, so they would do well to adopt the best defenses their budget will allow. Access to shared threat intelligence is made possible with the Modern Honey Net. This open-source project allows users to customize the base platform to their needs and share indicators of compromise with other users.
The arguments for adopting threat intelligence platforms and leveraging shared intelligence are growing. Adoption of cyber-security intelligence programs is taking off for organizations of all sizes. Why wait to be among the last in the US to get on board?