Aug 27

A Threat Intelligence Business Case Example, Part IV

General Cyber Intel

 

ThinkstockPhotos-180245209-compressed

By Eric Olson, VP of Product Strategy

Over the past few weeks we have explained why threat intelligence is essential for your cyber security plan, how to map your security needs to business objectives, and how to formulate a plan. Now, we’ll put all of that together. The following two examples, one for information security and the other for physical security, illustrate some common situations where a business case is built to justify an expenditure on threat intelligence.

Information Security Case: Preventing Counterfeits

Your security team must protect your organization from intentional or inadvertent exposure of sensitive product intellectual property data online. While this is self-explanatory to a security team, tying it back to a business objective may not be as clear.

Read more

Aug 25

Cyveillance Weekly Threat Intelligence Brief – August 25, 2015

General Cyber Intel

Welcome to the Cyveillance Weekly Threat Intelligence Brief

News on digital tablet.

Threat intelligence is constantly evolving. We publish a weekly security brief for our customers, and provide the highlights to the public to keep you informed on the latest security incidents and threats. For the latest security news stories throughout the day, follow us on Twitter, and subscribe to our blog to stay up-to-date on findings from our analyst research reports!

Read more

Aug 24

Cyveillance Weekly Phishing Report – August 24, 2015

General Cyber Intel Phishing

 

Phishing Report: Top Targets

Week of August 16 – 22, 2015
Author: Robert McDaniel

 

Phishing Report

In this week’s phishing report, we saw more than a >5% increase in phishing activity for the top 20 brands we’re tracking, grouped by industry. Computer Software (>80%), Government (>55%), and Telecommunications (>55%) saw large spikes in phishing activity last week.  We saw a decrease in phishing activity for Banking (>35%) and eCommerce (>23%).

Read more

Aug 20

Formulating a Threat Intelligence Plan, Part III

General Cyber Intel

 

ThinkstockPhotos-477045930-compressed

Author: Eric Olson, VP of Product Strategy

In our previous posts in this series on making the business case for threat intelligence, we’ve explained the importance of using threat intelligence and how to justify your security needs by equating them with a business objective. In this post, it’s time to get to the nitty gritty: creating an actual plan.

Let’s take the principles we’ve discussed the past few weeks and use them to formulate a plan and a budget request.

Read more

Aug 18

Cyveillance Weekly Threat Intelligence Brief – August 18, 2015

General Cyber Intel

Welcome to the Cyveillance Weekly Threat Intelligence Brief

News on digital tablet.

Threat intelligence is constantly evolving. We publish this weekly security brief to keep our customers updated on the latest threats across a variety of industries. For the latest security news stories throughout the day, follow us on Twitter, and subscribe to our blog to stay up-to-date on highlights from our analyst research reports!

Read more

Aug 17

Cyveillance Weekly Phishing Report – August 17, 2015

General Cyber Intel Phishing

 

Phishing Report: Top Targets

Week of August 9 – 15, 2015
Author: Robert McDaniel

 

Phishing Report - August 17, 2015

In this week’s phishing report, we saw more than a >15% increase in phishing activity for the top 20 brands we’re tracking, grouped by industry. Banking (>130%), eCommerce (>170%), and Computer Software (>70%) saw large spikes in phishing activity last week.  We saw a decrease in phishing activity for Electronic Payment Systems (>15%) and Internet Content Providers (>15%).

Read more

Aug 13

Aligning Threat Intelligence Security Needs & Business Objectives, Part II

General Cyber Intel

 

ThinkstockPhotos-459434713-compressed

Author: Eric Olson, VP of Product Strategy

In our first post in this four-part series on making a business case for threat intelligence, we defined threat intelligence and how to determine if your organization needs it. Today, we will discuss how to align your security needs and business objectives.

In a typical management structure, the two forces behind business decisions are often governing bodies or fiduciary duties. Most chief information officers (CIOs) or chief financial officers (CFOs) don’t want to spend money unless there is documented proof that something will have a real impact to the business, which often makes it difficult to quantify investments in solutions to address security threats. Although at a high level the forces behind the security team’s decisions merge with those of management, at a more detailed level, security professionals are driven by protecting the organization and its assets, causing them to speak a different language than management.

In a recent PricewaterhouseCoopers study, many senior executives and boards said they found it hard to link security technology to the related tactical risks it is supposed to help mitigate. In order to successfully argue the need for a threat intelligence capability, security professionals must map their objectives to management’s objectives.

The following overarching business objectives are always a good place to start: reducing cost or risk, generating or retaining revenue, utilizing assets, and meeting regulatory requirements.

Read more

Aug 11

Cyveillance Weekly Cyber Security Trends Report – August 11, 2015

General Cyber Intel

cyber-security-trends-report

Welcome to the Cyveillance Weekly Cyber Security Trends Report

Since threat intelligence is constantly evolving, we publish this weekly cyber security trends report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.

Read more

Aug 10

Cyveillance Weekly Phishing Report: August 10, 2015

General Cyber Intel Phishing

 

Phishing Report: Top Targets

Week of August 2 – 8, 2015
Author: Robert McDaniel

08102015 Phishing Report - Top Targets

 

In this week’s phishing report, we saw more than a 10% decrease in phishing activity for the top 20 brands we’re tracking, grouped by industry. Internet Search & Navigation services saw the biggest increase (>100%) in phishing activity, followed by Electronic Payment Systems (>70%). We saw a decrease in phishing activity for eCommerce (>90%) and Banking (>55%).

Read more

Aug 7

Toronto Pan Am Games Conclude Peacefully, but Post-Event Outlook Shows Potential for Future Physical Security Incidents in Region

Executive Security General Cyber Intel

https://www.facebook.com/staffordbrothers/videos/vb.29156168328/10153446692883329/?type=2&theater&notif_t=comment_mention

Author: Hans Mathias Moeller, Senior Intelligence Analyst

In today’s post, we review our recent assessment of potential physical security threats to the Toronto Pan Am Games. While the Games concluded peacefully, there are insights to be gained from the event that can help companies operating in this region be better prepared for future risks.

One of the challenges cyber threat analysts face is making accurate assessments of physical and digital risks for events, organizations, and individuals based on information gathered from open source intelligence (OSINT). Although there are many software solutions that collect and deliver data from social media and web monitoring, our view is that there’s a big difference between “threat intelligence” and “data,” and in order for organizations to make informed decisions, human analysis of potential threats in context is critical for identifying what (or who) is relevant to a situation or not. As part of that process, it’s also helpful to review such assessments after the fact to better guide future forecasts.

In our report, Toronto Pan American Games 2015 – Assessment of the Physical Threat Environment, we discussed possible physical security threats to the Games, which were held July 10—26, as well as short and medium-term threats to companies operating in the Greater Toronto Area. These threats included domestic and international terrorism, protests and social unrest, and natural hazards, among others.

While the event concluded with no major incidents, there are valuable insights we can gain from our analysis to help companies in this region maintain situational awareness and understand potential physical threats in the environment. With this in mind, let’s take a look at our original predictions regarding the Games, versus what actually happened.

Read more

Subscribe to Our Blog!

Join thousands of security professionals and get our latest blog content in your inbox.

Your information will never be shared.

CLOSE