As seen in recent years, all organisations in the public or private sector, no matter what shape or size, are vulnerable to a cyberattack. Hence the need for Cyber Threat Intelligence, says Dave Markham of Fujitsu.
Companies need not only be concerned with protecting their data but the entire operation of a company itself. If data is corrupted, deleted or encrypted with ransomware by hackers who demand a fee to provide the unlock code, a targeted cyberattack can cause chaos for an organisation – both financial and reputational.
In fact, cyber criminals are becoming increasingly bold, finding new and creative ways to dupe people into revealing compromising sensitive financial and personal data. This means ‘unusual behaviour’ is getting harder to detect and might not seem unusual at all.
With our latest report revealing a fifth of the UK public believe cybercrime and hacking are the biggest challenges facing the UK today, every single organisation has an obligation to make data protection as much of a priority as the public.
After all, cybercrime is not a probability – it is an inevitability. And the way businesses prepare for it can make all the difference.
As such, we’re seeing an increase in customer demand for services that ensure they can properly defend themselves from attacks that have the potential to put them out of business.
One way of addressing this growing concern is with the use of Cyber Threat Intelligence (CTI).
A whistle-stop tour of Cyber Threat Intelligence
Cyber Threat Intelligence can be defined in many different ways.
Whilst many organisations use it simply as a thread feed, threat intelligence can also be an invaluable early warning system in helping to identify and block potential threats before they escalate and become problems.
But organisations don’t need to do this continual monitoring and analysis on their own. Indeed, at Fujitsu we support our customers by routinely cataloguing daily spam campaigns to derive intelligence, enabling a proactive understanding on threat landscapes that means we can offer rapid protection.
Because we understand the value of Cyber Threat Intelligence, it is not about spotting a problem once it has hit.
In fact, at the end of last year, we uncovered a number of ransomware campaigns that delivered a family known as ‘Globelmposter’. Also known to deliver a large number of banking Trojans such as Dridex and Trickbot, this variant of ransomware was delivered by the Necurs Botnet.
By spotting that threat and acting to block it before it caused damage, we were able to protect businesses and their valuable data.
In short, we do the hard work so our customers don’t have to. That’s because we turn information into intelligence.
Why is Cyber Threat Intelligence important to businesses?
It can be challenging in any corporate environment to express the severity of a vulnerability not only as a technical risk, but also a financial, human and business risk.
But with new regulations such as GDPR, it’s important businesses invest in technical and security controls which help them more proactively search for threats themselves instead of waiting for breaches to happen.
Indeed, threat intelligence can be as simple as providing guidance on ‘protecting’ using basic defences such as a patch management. Take last years’ Petya and Wannacry outbreaks as a prime example. The malware actually used an SMB vulnerability that simply needed patching.
If more organisations had put in place Cyber Threat Intelligence then there is a strong chance it could have been picked up many weeks earlier, helping reduce the amount of suffering caused by impacted businesses during these attacks.
Proactive not reactive
In a digital-first environment where so much data is stored, customers are right to be worried about the next strain of cyber security incidents.
Adopting a proactive approach by combining vulnerability management with Cyber Threat Intelligence will be a great use case for protecting corporate environments.
By Dave Markham, Fujitsu.