How Today’s Security Teams are Using Threat Intelligence to Win the Fight Against Cybercrime
Within just the past few years, widespread and damaging cybersecurity crimes have spread like wildfire across the globe, exposing vulnerabilities in every interaction in every industry. It’s been reported that cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.
Behind the scenes, security operations centers and analysts have amped up their response to strengthen their security posture and prevent future breaches and hacks. Meanwhile, Cyber Threat Intelligence (CTI) has gained traction as a way to collect, classify, and exploit knowledge about adversaries. This information is then used not only to detect threats, but prevent them.
Data from the SANS Institute shows that adoption of CTI has grown year over year since 2016 and this year, four out of five professionals plan to use CTI. The annual report reveals that CTI has made a significant impact improving overall security operations (70%), reducing the time to identify and respond to incidents (59%), revealing vulnerabilities to implement new controls (59%), and preventing damage to business systems or data (45%).
But what kind of data makes the most impact? The report sheds some light on this, too. Specific indicators of compromise, such as an IP address or domain name, is used by more than two-thirds of security professionals to inform investigations. Other information, such as vulnerabilities and broad information on attacker trends were listed as the most useful.
Here at DomainTools, we know that not all CTI platforms are created equal. The DomainTools Iris Investigate Platform maps the connected infrastructure to help security teams quickly and efficiently investigate potential cybercrime and cyberespionage. It provides visibility into what is happening on your own network and is easy for teams to work in concert to defeat foes together.
If you haven’t received a demo on how Iris Investigate can help your investigations, let us know. In the meantime, below is a quick look at the data in the full SANS 2018 Cyber Threat Intelligence Survey report: