In this second part, we continue the discussion from where we left off in the first part. Earlier, we discussed the basics of threat intelligence and its types. In this post, we will discuss various considerations for building a threat intelligence plan.
There are many definitions of cyberspace. Military agencies typically consider it the fifth domain after space, sea, air, and land. However, there is a fundamental difference between those four domains and cyberspace: the four are geographical in nature, whereas cyberspace is a dynamic field that does not occupy any specific geographical area. We can say that cyberspace can be embedded in all the other domains, as it is transforming continuously. With its expansion, threat or attack surfaces are also expanding proportionally.
In the previous post, we discussed the basics of threat intelligence and its types by shedding light on the concept of knowns and unknowns. In information security, any information that can aid the internal security team in the decision-making process and reduce the recovery time accordingly is considered threat intelligence. This first part in this series of articles will discuss the threat intelligence cycle and its importance.
The phrase "threat intelligence" has slowly gained significance in the information security community and its discussions. With decision makers considering it a high-priority requirement, vendors have launched an array of products, which can be confusing for an executive with a managerial background. This is an introductory post in our series of detailed discussions on threat intelligence.
Leakage of threat intelligence, incident data, and status data can have several legal consequences for organizations. Information leakage can occur due to the misconduct of disgruntled employees or as a result of a nefarious cyber-attack. The sections below take a deep dive into two different scenarios, namely The Trauma of IP Address Leakage and The Menace of Product Vulnerability Leakage. By understanding these scenarios, you will learn how IP address leakage and product vulnerability leakage can affect your company and CSIRT team.