5Approach to Cybersecurityf6ce14d4647f05e937f4-4d6abce208e5e17c2085b466b98c2083.r3.cf… · 1. Know...
Transcript of 5Approach to Cybersecurityf6ce14d4647f05e937f4-4d6abce208e5e17c2085b466b98c2083.r3.cf… · 1. Know...
Building a Business Case for Cyber ThreatIntelligence
Building a Business Case for Cyber ThreatIntelligence
Reasons Your OrganizationNeeds a Risk-Based Approach to Cybersecurity5 Reasons Your OrganizationNeeds a Risk-Based Approach to Cybersecurity5
1. Know the specific cyber threats targeting your business
2. Limit the impact of your data for sale on the Dark Web
3. Bring cybersecurity into the broader risk discussion
4. Be able to show due diligence in a court of law
5. Redirect your cyber tactics for the most effective defense
Target, Home Depot, Sony, Anthem, the U.S. Office of
Personnel Management – even the biggest organizations
cannot keep themselves out of the headlines. Many of these
organizations had staff and myriad cybersecurity tools in place
(anti-virus, firewalls, intrusion detection systems, etc.), yet
they were still breached. Clearly, the current approach is not
working. Businesses cannot keep building higher walls and
deploying the same technologies without the INTEL to focus
on what matters most. You need cyber threat intelligence to:
5 Reasons for a Risk-Based Approach to Cybersecurity
The Bad Guys are Winning
of businesses have
experienced a data
breach within the
past two years. 45%
The Ponemon Institute
“
”
• Gain a complete picture of your cyber risk
• Focus on the most relevant cyber threats
• Act on threats before they impact your organization
Cybersecurity reports have consistently painted a bleak picture
for organizations. There have been 80-90 million cybersecurity
events per year, or up to 250,000 attacks per day in recent
years, according to The RIC Report. The expanding supply
chain of vendors, partners, and technology is an increasingly
exploited backdoor into organizations. It takes more than 200
days for businesses to even know they’ve been breached.
It’s no wonder that time and time again we see long-term
breaches that aren’t even discovered by the compromised
organization, but rather by an outside party such as law
enforcement. With so many attack vectors, not to mention the
ease of which cybercriminals can circumvent cybersecurity
tools through social engineering, deciding where to deploy
your “troops” can be difficult. With an intelligence-driven
defense, you know what threats are coming and you can
redirect your resources to focus on what matters most.
Threat Intel Helps You:
1. Security Breaches Keep Happening
Even with Security Tools
of attacks are
thought to
go undetected. 70%The RIC Report, Bank of America/Merrill Lynch, Oct 2015
“
”
0101100010110100
• Understand what cybercriminals are after
• Discover active threats against your organization
• Understand your fraud footprint
Those unfamiliar with the Dark Web tend to imagine it as
something akin to the Wild West. However, markets on the
Dark Web tend to work more like illicit versions of consumer
friendly services such as eBay or Amazon. Cybercriminals
actively sell and trade a wide variety of illegal goods and services
complete with user reviews, refund policies and other forms of
customer service. Users can easily purchase stolen credit cards,
user accounts, credentials, reward points, intellectual property
and cybercrime-as-a-service offerings, such as exploit kits,
malware and phishing pages. It’s sensitive, valuable information
– and the organizations it belongs to are often completely in
the dark. Knowing what is being sold is a crucial step in both
understanding what types of information criminals are after and
mitigating the threat before it gets worse.
Threat Intel Helps You:
2. Shining a Light on the Dark Web
Find Your Dirty Laundry
• Tie specific threats to the impact on your business
• Connect the server room to the board room
• Share cyber intel across the organization and supply chain
A data breach can cost millions, but its effects are even more
widespread: CEOs lose their jobs, profits drop, customers
leave, brands are damaged. Then there’s the costs of incident
response, customer notifications, class-action lawsuits,
regulatory fines, and audits. Cybersecurity is a risk that must
be managed at the board level, but business leaders are
struggling, finding it hard to align security strategies with real-
world business strategies (EY, Cyber Program Management,
Oct 2014). There remains a gap between the language of
cybersecurity and the language of business operations. A
successful cyber risk management program helps close that
gap by directly tying relevant cyber threats to business impact.
This is crucial as cyber-attacks are the number one source
of IP theft and economic attacks against governments (BoA/
Merrill Lynch). In fact, loss of Intellectual Property has grown
71% over the past 3 years according to Check Point.
3. Cybersecurity isn’t a Technical Problem
Threat Intel Helps You:
It’s a Business Problem
of execs have
major cybersecurity
concerns around
M&A Activity. 85%
Global Capital Confidence Barometer Survey
”
“
• Understand the most critical areas of cyber risk
• Identify and address gaps in your security program
• Show due diligence in the court of law
Legal liability with regards to cybersecurity continues to
evolve. In July 2015, the Seventh Circuit Court of Appeals in
Remijas v. Neiman Marcus Group found that just the theft of
customer financial information was enough to satisfy standing,
potentially opening the door for more breach litigation or a
Supreme Court ruling on the issue. In August 2015, the Third
Circuit Court of Appeals in FTC v. Wyndham Hotels & Resorts
confirmed that the Federal Trade Commission does have the
authority to take action against companies over weak data
protection standards. In addition to the FTC, organizations can
see legal action from various agencies such as the Securities
and Exchange Commission, the Department of Health and
Human Services, and others. Organizations also have to deal
with many state and federal laws regarding consumer privacy –
as well as evolving definitions of what are “best practices” and
“reasonable” efforts.
Threat Intel Helps You:
4.
You’re Liable for Poor Security
Changing Rules for Legal Liability
• Prioritize your cyber defenses
• Reduce any cybersecurity blind spots
• Account for all aspects of business risk
Rather than try to stay on top of every cyber threat – which
may or may not even be targeting your business – a risk-based
approach focuses on only the threats that are relevant to your
organization, your supply chain and your customers. This
ensures that your cybersecurity resources can be maximized
to get the most bang for your buck by addressing your top
areas of cyber risk. Without threat intelligence, organizations
may be blind to supply chain risks and Dark Web threats,
and their efforts may be unfocused. As the UK Government
Communications Headquarters Top 10 Security Steps
emphasizes, organizations need to apply the same degree of
rigor to assessing cyber risk as they do to other areas such
as legal, regulatory, financial or operational risk. After all,
cybersecurity is not just a technical issue, but one that impacts
all aspects a business. Using threat intelligence can help you
gain a clearer picture of your organization’s overall cyber risk.
5. Focusing on What Matters Most
Threat Intel Helps You:
A Risk-Based Approach
1. Know the specific cyber threats targeting your business
2. Limit the impact of your data for sale on the Dark Web
3. Bring cybersecurity into the broader risk discussion
4. Be able to show due diligence in a court of law
5. Redirect your cyber tactics for the most effective defense
Something is missing from the current state of cybersecurity.
Security is often stuck at the network level and risks aren’t
elevated to understand the impact on the business. Threat
intelligence can help bridge this gap between low-level tactics
and strategic insights, so you can protect your business and
your customers’ information to help your organization:
When it comes to data breaches, it’s no longer a matter of “if,”
it’s only a question of “when.” Be prepared and reduce your
risk with cyber threat intelligence.
Download the “How to Choose a Threat Intelligence Vendor” eBookLean more about choosing the right vendor to implement
threat intelligence with our complimentary eBook.
Schedule a Demo of SurfWatch Cyber AdvisorSurfWatch Cyber Advisor provides you with an immediate
threat intelligence operation that ensures the best defense.
Bridging the Cyber Threat Intelligence Gap
From Tactical to Strategic
45610 WOODLAND ROAD, SUITE 350STERLING, VA 20166 PHONE: [email protected]
ABOUT SURFWATCH LABS
SurfWatch Labs helps organizations and service providers quickly establish a strategic cyber threat
intelligence operation that drives more effective use of their tactical defenses. Founded in 2013 by
former US Government intelligence analysts, SurfWatch Labs solutions provide a 360-degree view
of cyber threats in the context of your business, along with practical and personalized support to
create immediate insights and meaningful action.