Threat intelligence vendor Recorded Future is reporting a wave of targeted attacks against power plants, electricity distribution centers and seaports in India.
NEWS ANALYSIS: Armorblox raises $30 million and joins a growing list of well-heeled startups taking a stab at addressing one of cybersecurity’s most difficult problems: keeping malicious hackers out of corporate mailboxes.
Leading technology companies said Tuesday that cyber operations linked to the massive SolarWinds hack were so sophisticated, focused and labor-intensive that a nation had to be behind it, with all the evidence pointing to Russia.
Carmakers Kia and Hyundai denied that the outages they suffered in the past week in the United States were the result of a ransomware attack.
Microsoft says the SolarWinds hackers attempted to access its systems even after they were discovered and they were apparently searching for secrets in source code.
French President Emmanuel Macron has unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month and an upsurge of similar cyber assaults in France.
The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.
For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Curated threat intelligence is an essential capability of the SOC, enabling tools and teams to work more efficiently and effectively to optimize everything from incident response to threat hunting.
Knowing that threat intelligence is readily available and proving its worth is one thing, understanding how to use it within your security operations program is quite another.
When intelligence becomes a capability and not just subscriptions to feeds, we can gain the full value of intelligence as the foundation to security operations.