Mine Of Information

There are thousands of ransomware attacks every day, for example, and numbers are increasing by more than a third each year, while almost a quarter of a million malware samples (whether trojan horses, worms, viruses or others) are produced every 24 hours.

In such a seemingly hostile environment for businesses large and small – a reported 43 percent of cyber attacks are aimed at small businesses – organisations are faced with understanding, organising and analysing the threats they face. This is what cyber threat intelligence (CTI) is about.

It is applied widely, almost universally in cybersecurity, yet it has also been described as an “elusive” concept.

“Most organisations will have some use of threat intelligence; it’s a core part of establishing effective security controls and is practically mandated by common information security management standards,” says Sam Pumphrey, head of digital security at Cambridge Consultants, a technology consultancy based in Cambridge in the United Kingdom.

“The interesting challenge is how do you get good threat intelligence. You want up-to-date intelligence that is actionable and drives immediate improvements in operational security. The best will account for your specific security and operational context.

“Most of the innovations in threat intelligence are about how you can get better, more timely, more targeted threat intelligence.”

This is, says Pumphrey, where the value of cyber threat intelligence comes from: in keeping on top of the everevolving threat landscape.

“It’s never been evolving at such a pace, so the value of good threat intelligence has never been greater,” he says.

“Every week there’s many hundreds of new vulnerabilities discovered. Any company’s system can be suddenly a lot more vulnerable than it was the day before.