Cybercriminals are constantly developing new tools, methods and exploits to take advantage of vulnerabilities. To more effectively discover and respond to attacks, your organization must stay up to date with recent threat intelligence.
Failing to stay current can leave you open to attacks and compromise, since the attacks may use methods you’re not aware of. This can lead to massive sensitive data loss, disruption of services, destruction of critical infrastructure and the theft or loss of large sums of money.
Staying current doesn’t have to be a huge undertaking. Active threats are routinely identified and reported by government agencies, including US-CERT and the FBI, as well as numerous private companies. They also typically include guidance and instructions to protect against and mitigate attacks.
Next steps
- Identify respected organizations that provide reliable threat information: Some may require fee-based membership for full access, and some may come as a part of a service. You can also choose organizations based on your industry. For example, InfraGard has industry-specific chapters you can join. Other valuable threat intelligence sources include SANS Institute, Internet Storm Center/DShield and US-CERT.
- Leverage an ISAC as one of your sources: The National Council of ISACs comprises information sharing and analysis centers in different industries whose purpose is to share information around cyberthreat prevention, protection, response and recovery. Examples of ISACs include the MS-ISAC for state, local, tribal and territorial governments; Health-ISAC for the healthcare industry; and FS-ISAC for financial services firms.
- Use the information provided: Apply information obtained from (but not limited to) these sources to continuously evolve your cyber security program and stay ahead of new threats.