How to ensure effective threat intelligence
Cyber Security Hub discusses best practices for threat intelligence with Nate Mendell, partner at Morrison Foerster
Add bookmark
Cyber attacks are on the rise, with malicious actors employing more sophisticated techniques to gain unauthorized access to victims’ systems.
Cyber Security Hub research has found that globally, 84 percent of companies have experienced a cyber attack in the past 12 months. With this in mind, it is unsurprising that 25 percent of cyber security professionals also told Cyber Security Hub that threat intelligence is the most important priority for cyber security investment in 2023.
Here, Cyber Security Hub speaks with Nate Mendell, partner in Morrison Foerster’s investigations and white collar defense and privacy and data security practice groups, about how threat intelligence has involved in the face of a rapidly developing threat landscape.
Cyber Security Hub: Why is threat intelligence so important for good cyber security?
Nate Mendell: In order to protect your network and your organization, you need to know what you are protecting it from – what you are guarding against. Basic steps like multi-factor authentication and password hygiene are helpful and necessary, but threat actors are using new strategies to circumvent the standard defenses. Current threat intelligence helps your system evolve and respond to these new and more sophisticated attacks.
CSH: What can prevent threat intelligence from being effective? How can these issues be overcome?
NM: The most frequent point of failure is user error – “own goals” like clicking on a malicious link or failing to update and patch. The utility of threat intelligence depends on not just conveying information to users but getting them to act on that information. The solution is user engagement, and the strategy for that varies by institution and can be anything from limiting system access to timely prompts. Even humor can be effective!
CSH: How has threat intelligence evolved over the past few years? How will it evolve in the future?
NM: Threat intelligence has grown up! Users and systems have become more sophisticated in response to the prevalence of hacking, ransomware and other cyber security threats. Threat intelligence has necessarily become more detailed, and the pace of updates has increased – it’s an arms race, basically. Going forward, expect more of the same, with artificial intelligence (AI) playing a role on both sides.
