Monday, July 20, 2015

Why cyber should not be limited to cyber

From Business Reporter:

Why cyber should not be limited to cyber

Many emerging intelligence needs are not addressed by the offerings of the traditional IT security industry. Assessing a company’s reputation and how it may prompt attacks, understanding the motivations and beliefs of a threat actor, and discovering how a geopolitical event triggers the use of a new attack type promoted on social media all require access to and analysis of data that IT or product companies don’t provide. Yet, putting cyber-events in the context of the world at large is critical in order to understand and potentially predict future threats. The need for a more holistic approach to threat intelligence, beyond the technical parameters, is undeniable – and it’s there for the taking.

Open-source intelligence (OSINT) is not new, and making sense of data from publicly available sources is as relevant for cyber security as it is for other purposes. With a plethora of data everywhere about everything, access to data is no longer the issue. On the other hand, access alone is not the solution either. We live in times when availability of data is better than ever, yet the fear of having missed something continues to keep company executives awake at night.  This disconnect can only be mitigated by broadening perspectives, recognising the need for change in internal processes, and using new technologies to find and unlock the information hidden in the vast volumes of data available today on the web.

No comments:

Post a Comment