Building a Business Case for Cyber Threat Intelligence. 5Reasons Your. Organization Needs a Risk-Based 5Approach to Cybersecurity

Transcription

1 Building a Business Case for Cyber Threat Intelligence 5Reasons Your Organization Needs a Risk-Based 5Approach to Cybersecurity

2 5 Reasons for a Risk-Based Approach to Cybersecurity The Bad Guys are Winning Target, Home Depot, Sony, Anthem, the U.S. Office of Personnel Management even the biggest organizations cannot keep themselves out of the headlines. Many of these organizations had staff and myriad cybersecurity tools in place (anti-virus, firewalls, intrusion detection systems, etc.), yet they were still breached. Clearly, the current approach is not working. Businesses cannot keep building higher walls and deploying the same technologies without the INTEL to focus on what matters most. You need cyber threat intelligence to: 1. Know the specific cyber threats targeting your business 2. Limit the impact of your data for sale on the Dark Web 3. Bring cybersecurity into the broader risk discussion 4. Be able to show due diligence in a court of law 5. Redirect your cyber tactics for the most effective defense 45% past of businesses have experienced a data breach within the two years. The Ponemon Institute

3 1. Security Breaches Keep Happening Even with Security Tools Cybersecurity reports have consistently painted a bleak picture for organizations. There have been million cybersecurity events per year, or up to 250,000 attacks per day in recent years, according to The RIC Report. The expanding supply Threat Intel Helps You: Gain a complete picture of your cyber risk Focus on the most relevant cyber threats Act on threats before they impact your organization chain of vendors, partners, and technology is an increasingly exploited backdoor into organizations. It takes more than 200 days for businesses to even know they ve been breached. It s no wonder that time and time again we see long-term breaches that aren t even discovered by the compromised organization, but rather by an outside party such as law 70% go of attacks are thought to undetected. enforcement. With so many attack vectors, not to mention the ease of which cybercriminals can circumvent cybersecurity tools through social engineering, deciding where to deploy your troops can be difficult. With an intelligence-driven defense, you know what threats are coming and you can The RIC Report, Bank of America/Merrill Lynch, Oct 2015 redirect your resources to focus on what matters most.

4 2. Shining a Light on the Dark Web Find Your Dirty Laundry Those unfamiliar with the Dark Web tend to imagine it as something akin to the Wild West. However, markets on the Dark Web tend to work more like illicit versions of consumer friendly services such as ebay or Amazon. Cybercriminals actively sell and trade a wide variety of illegal goods and services complete with user reviews, refund policies and other forms of customer service. Users can easily purchase stolen credit cards, user accounts, credentials, reward points, intellectual property and cybercrime-as-a-service offerings, such as exploit kits, malware and phishing pages. It s sensitive, valuable information and the organizations it belongs to are often completely in the dark. Knowing what is being sold is a crucial step in both understanding what types of information criminals are after and mitigating the threat before it gets worse. Threat Intel Helps You: Understand what cybercriminals are after Discover active threats against your organization Understand your fraud footprint

5 3. Cybersecurity isn t a Technical Problem It s a Business Problem A data breach can cost millions, but its effects are even more widespread: CEOs lose their jobs, profits drop, customers leave, brands are damaged. Then there s the costs of incident response, customer notifications, class-action lawsuits, Threat Intel Helps You: Tie specific threats to the impact on your business Connect the server room to the board room Share cyber intel across the organization and supply chain 85% M&A of execs have major cybersecurity concerns around Activity. Global Capital Confidence Barometer Survey regulatory fines, and audits. Cybersecurity is a risk that must be managed at the board level, but business leaders are struggling, finding it hard to align security strategies with realworld business strategies (EY, Cyber Program Management, Oct 2014). There remains a gap between the language of cybersecurity and the language of business operations. A successful cyber risk management program helps close that gap by directly tying relevant cyber threats to business impact. This is crucial as cyber-attacks are the number one source of IP theft and economic attacks against governments (BoA/ Merrill Lynch). In fact, loss of Intellectual Property has grown 71% over the past 3 years according to Check Point.

6 4. Changing Rules for Legal Liability You re Liable for Poor Security Legal liability with regards to cybersecurity continues to evolve. In July 2015, the Seventh Circuit Court of Appeals in Remijas v. Neiman Marcus Group found that just the theft of customer financial information was enough to satisfy standing, potentially opening the door for more breach litigation or a Supreme Court ruling on the issue. In August 2015, the Third Circuit Court of Appeals in FTC v. Wyndham Hotels & Resorts confirmed that the Federal Trade Commission does have the authority to take action against companies over weak data protection standards. In addition to the FTC, organizations can see legal action from various agencies such as the Securities and Exchange Commission, the Department of Health and Human Services, and others. Organizations also have to deal with many state and federal laws regarding consumer privacy as well as evolving definitions of what are best practices and Threat Intel Helps You: Understand the most critical areas of cyber risk Identify and address gaps in your security program Show due diligence in the court of law reasonable efforts.

7 5. Focusing on What Matters Most A Risk-Based Approach Rather than try to stay on top of every cyber threat which may or may not even be targeting your business a risk-based approach focuses on only the threats that are relevant to your organization, your supply chain and your customers. This ensures that your cybersecurity resources can be maximized to get the most bang for your buck by addressing your top areas of cyber risk. Without threat intelligence, organizations may be blind to supply chain risks and Dark Web threats, and their efforts may be unfocused. As the UK Government Communications Headquarters Top 10 Security Steps Threat Intel Helps You: Prioritize your cyber defenses Reduce any cybersecurity blind spots Account for all aspects of business risk emphasizes, organizations need to apply the same degree of rigor to assessing cyber risk as they do to other areas such as legal, regulatory, financial or operational risk. After all, cybersecurity is not just a technical issue, but one that impacts all aspects a business. Using threat intelligence can help you gain a clearer picture of your organization s overall cyber risk.

8 Bridging the Cyber Threat Intelligence Gap From Tactical to Strategic Something is missing from the current state of cybersecurity. Security is often stuck at the network level and risks aren t elevated to understand the impact on the business. Threat intelligence can help bridge this gap between low-level tactics and strategic insights, so you can protect your business and your customers information to help your organization: 1. Know the specific cyber threats targeting your business 2. Limit the impact of your data for sale on the Dark Web 3. Bring cybersecurity into the broader risk discussion 4. Be able to show due diligence in a court of law 5. Redirect your cyber tactics for the most effective defense When it comes to data breaches, it s no longer a matter of if, it s only a question of when. Be prepared and reduce your risk with cyber threat intelligence. Download the How to Choose a Threat Intelligence Vendor ebook Lean more about choosing the right vendor to implement threat intelligence with our complimentary ebook. Schedule a Demo of SurfWatch Cyber Advisor SurfWatch Cyber Advisor provides you with an immediate threat intelligence operation that ensures the best defense.

9 ABOUT SURFWATCH LABS WOODLAND ROAD, SUITE 350 STERLING, VA PHONE: SurfWatch Labs helps organizations and service providers quickly establish a strategic cyber threat intelligence operation that drives more effective use of their tactical defenses. Founded in 2013 by former US Government intelligence analysts, SurfWatch Labs solutions provide a 360-degree view of cyber threats in the context of your business, along with practical and personalized support to create immediate insights and meaningful action.