Why Attribution Is Important For Today’s Network Defenders

It makes me cringe when I hear operators or security practitioners say, “I don’t care who the attacker is, I just want them to stop.” I would like to believe that we have matured past this idea as a security community, but I still find this line of thinking prevalent across many organizations – regardless of their cyber threat operation’s maturity level.

Attribution is important, and we as Cyberthreat Intelligence (CTI) professionals need to do a better job explaining across all lines of business and security operations how the pursuit of attribution, manifesting itself in adversary analysis, can be employed to improve an organization’s resource allocation and security posture.


Verisign and Risk I/O Team Up to Deliver Actionable Cyberthreat Intelligence

I am thrilled to let you know that as of today, Risk I/O, a respected vulnerability threat management platform, will be leveraging Verisign iDefense vulnerability intelligence data as a part of its threat processing engine through a licensing agreement between the two companies.

As I have written in the past, intelligence-driven cybersecurity is critical for today’s ever-evolving cyberthreat landscape. Verisign iDefense vulnerability intelligence includes vulnerability, attack and exploit data, such as unpublished zero-day vulnerabilities, collected from over 30,000 products and 400 technology vendors around the world. This data will complement the threat processing of Risk I/O’s SaaS-based vulnerability threat management platform, which continuously aggregates attack data, threat data, and exploit data from across the internet, matching this data with customers’ vulnerability scan data to generate a prioritized list of vulnerabilities that are most likely to be exploited.


6 Approaches to Creating an Enterprise Cyber Intelligence Program

According to the Verisign 2014 Cyberthreats and Trends Report, cyber intelligence has matured from an industry buzzword to a formal discipline, which has implications for vendors and security leaders. As few as seven years ago, cyberthreat intelligence was the purview of a small handful of practitioners, limited mostly to the best-resourced organizations—primarily financial institutions that faced large financial losses due to cybercrime—and defense and intelligence agencies involved in computer network operations. Fast forward to today, and just about every business, large and small, is dependent on the internet in some way for day-to-day operations, making cyber intelligence a critical component of a successful business plan. That said, there is a wide variety of ways organizations can go about creating a cyber intelligence program.

I have the unique opportunity to speak with clients and partners on this topic from a variety of different industries as a part of my support for Verisign’s Intelligence-Driven Security program. I’d like to share some pragmatic tactical and strategic approaches to sourcing and applying cyber intelligence that I have gleaned through these activities and my own experience. The following is a brief overview of six approaches, along with key considerations that can help organizations of all types create a cyber intelligence program, build and align to a desired strategy, and create frameworks that — if executed properly — can become a defensive force multiplier.


Sneak Peek: 2014 iDefense Cyberthreats and Trends Report

Every year, Verisign iDefense customers anxiously await the iDefense Cyberthreats and Trends Report from our analysts, which details what they see as the most prominent cyberthreats and trends for the new year. While the full version is not available just yet, we were able to get a sneak peek at several topics that will be discussed in the 2014 report. Take a look and let us know which you think will be the most prominent, and make sure to check back soon to see the full report.


How Financial Institutions Can Up Their Game Against DDoS Attacks

With the ease of access to the internet and prevalence of social media today, unsuspecting computer users are making it easier than ever for malicious actors to target them with malcode. This trend has helped provide the perfect environment for Distributed Denial of Service (DDoS) attacks to grow in size, complexity and range of targets. Today’s attacks are not limited to web infrastructure; attackers are increasingly targeting the Domain Name System (DNS) infrastructure as well. This trend has been particularly noticeable in the financial industry, which has been hit hard over the last year.
