Devising a comprehensive strategy to protect your organisation from hackers, data breaches and other cyber security threats[1] is complicated.
Not only do organisations need to ensure they're protected from criminal hacking groups[2] -- which might be state-sponsored[3] or something less sophisticated[4] -- they also need to account for the actions of their own staff.
While not every staff member plans to get involved in wrong-doing, without proper instructions and policies on how to use, store and transfer data[5], there's the risk of information being mishandled, employees inadvertently giving away credentials in phishing emails[6] and much more.
In order to protect against these threats -- and if necessary, to act accordingly should they fall victim to an attack -- organisations should be taking two things into account: business risk intelligence and cyber threat intelligence.
They may sound similar but there are important differences between the two and by properly applying both, an organisation can go a long way to protecting itself from cyber threats.
What is cyber threat intelligence?
Cyber threat intelligence looks outward, searching for the potential threats to which an organisation should be ready to respond.
According to a report published in association with CERT-UK, good threat intelligence can "turn unknown threats into known and mitigated threats", in order to understand the threat landscape organisations face and improve the effectivess of their defence.
Cyber security analysts can use the data from their own internal security systems to build an understanding of the threats they face, plus feeds from vendors and other suppliers of data such as SIEM (security information and event management) tools which allow organisations to monitor their traffic and