Threat Intelligence Can Provide A New Level Of Cybersecurity - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

10:00 AM
Sean McGrath
Sean McGrath
Event Updates
Connect Directly

Threat Intelligence Can Provide A New Level Of Cybersecurity

Digital Shadows CTO James Chappell discusses how to use big data and data analytics to stay ahead of attackers.

Cyberthreat intelligence is a hot topic right now in the security arena. It’s a natural progression of the big data analytics buzz, so why not take the same ideas and apply them to cybersecurity? By mining data, from inside and outside the business, a new level of insight is possible.

That’s the theory anyway. For a business with no experience in big data or cyberthreat intelligence, the leap might seem mildly daunting.  James Chappell is chief technology officer at threat intelligence specialist Digital Shadows. Speaking at Interop London, he gave some handy hints on how businesses could begin to use intelligence to regain the upper hand.

[To hear more on this topic, register for your free tickets to Interop London.]

“I think it’s fair to say that most companies already do cyberthreat intelligence in one form or another,” Chappell said. “But we’ve got much more effective at sharing, and we are doing it in a way never done before. We used to share by going to meetings with our peers but now we are doing it on a machine-to-machine basis.”

“We can also use compute resources at scale in ways we were never able to before,” Chappell added. “There are huge opportunities here.”

So where does a business start? It is important to first have a proper definition of the term intelligence, according to Chappell. While this might sound a touch rudimentary, it provides a useful foundation when thinking about how best to use the data already at our disposal. Intelligence, he said, isinformation that provides relevant and sufficient understanding for mitigating the impact of a potentially harmful event.”

He argues that intelligence isn’t intelligence until you do something with it: “Even if you have an intelligence provider, until you’ve consumed the data and taken some action, it’s arguable that it’s not intelligence."

With this in mind, the CTO told the audience that there is plenty that organisations can do to start using their data before even considering a threat intelligence service provider.

“There is a bunch of stuff that businesses can do without spending a bean,” Chappell said. “For a starter, you can talk to your Computer Emergency Response Team, either for your country or for your vertical. You just get in touch, receive their alerts – and now you can start to do threat intelligence.”

Collaboration is also key, he stressed. Sharing amongst peers is one of the most effective forms of intelligence gathering.

“Attackers collaborate all the time against us,” Chappell noted. “Go onto Tor and look at the dark marketplaces; you can see that ecosystem of threats taking place – very, very innovative and real collaboration. We need to do that as an industry if we are going to have any hope at all of defending ourselves. It’s vitally important that we collaborate with our peers as much as possible.”

Another handy hint, for businesses looking to dip their toes into the frigid waters of threat intelligence, is to use tools already at the organisation’s disposal.

“Your marketing teams already have monitoring solutions, why not use them? Look at how you are being discussed online. Look for the negative conversations, and see if they tell you anything about threats against your business.  All of this stuff gets you off the starting blocks for threat intelligence.”

Interop London logo (small)Interop, the flagship event of London Technology Week, takes place at ExCeL London June 16 to 18 2015. Find out more here.

Sean McGrath is a freelance IT writer, researcher, and journalist. He has written for PC Pro, the BBC, and TechWeekEurope, and has produced content for a range of private organizations. Although he holds a first class degree in investigative journalism, his dreams of being a ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
Register for InformationWeek Newsletters
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll