2017 Cybersecurity Predictions: Automation and Playbook Models Take On Key Roles in Threat Intelligence Sharing

Threat intelligence sharing among vendor and industry peers has come a long way, and in 2017 there will be more opportunities than ever to demonstrate its value; especially as conversations around sharing intelligence between the public and private sectors continues.

Crossing the Last Mile With Threat Intelligence

Security vendors and white hat researchers continuously seek new indicators of compromise. Once found, they convert them into prevention and detection controls and deploy them as quickly as possible. This is called actionable intelligence. The problem for the past decade is that most network defenders take days, weeks or even months to cross this last mile—if they do it at all.

What is needed is an automatic way to make the journey. Instead of analysts reading intelligence reports, deciding that the intelligence is pertinent to their environment, crafting prevention and detection controls for their deployed systems, and then deploying those controls, network defenders will, in the future, rely on automated systems which do that for them.

Read more predictions on The Cipher Brief.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS