Is Your Organization Prepared For a Cyber Attack?

Sean Leach | Apr 09, 2014

Infamous heavyweight boxer Mike Tyson once said “everyone has a plan until they get punched in the face.”  As any organization that has faced a cyber attack will tell you, it is a lot like getting punched in the face, and if you’re not ready, you might get knocked out.  

You’ve likely read recent headlines of major retailers, financial institutions, and now even universities, being hit with data breaches.  As some of them have learned the hard way, it’s not a question of if your organization will be attacked; it’s a question of when.  That’s why cyber threat intelligence is essential to any organization, large or small.

Launching a cyber attack has never been easier and these types of attacks are increasing in frequency, size and sophistication, making them more difficult to mitigate. These attacks are becoming so pervasive and complex that the White House recently announced new cybersecurity policies to improve efforts to protect critical U.S. infrastructures against the growing cyber threat.  President Obama even commented on the cyber threat issue saying, “[it] is one of the most serious economic and national security challenges we face as a nation.”  It’s clear that network security hardware and software alone cannot fully address the issue.  In order to properly defend against these threats, you need cyber security intelligence to provide actionable and relevant decision support to IT and business operations by enabling them to:

  • Better proactively protect against cyber attacks
  • Understand the motivation of the attackers
  • Identify vulnerabilities in their networks
  • Adapt their response and mitigation strategies in real time as an attack unfolds  
Organizations of all sizes can take advantage of threat intelligence; the first step is to ensure you have a process in place for acting on information received from intelligence sources.  Threat intelligence can come from many sources like open source intelligence (OSINT) and human intelligence (HUMINT).  It’s important to use multiple sources of intelligence to help corroborate potential attacks.  

Remember, every organization will likely face some type of cyber threat at some point (many already have and don’t even realize it). That’s why threat intelligence is essential to detecting and combatting these attacks, so take it seriously and make sure it’s a top priority for your organization.  

You can take the initial steps to a more intelligent cyber threat capability today and set a baseline, lay out a road map for future improvement and begin developing relationships with peers and other industry experts to share best practices.  For more information about how to develop a cyber intelligence capability, read our complimentary whitepaper: Establishing a Formal Cyber Intelligence Capability.