recentpopularlog in

jerryking : threat_intelligence   4

The Evolution of a Cybersecurity Firm - WSJ
By Cat Zakrzewski
May 16, 2017

......Certainly when someone is working with us today, they’re looking for us to deliver an outcome. They’re not necessarily looking for us to just provide them with a product and move on. That’s a big evolution in our model. We’re helping them manage cybersecurity risk.....It’s a big shift to go from a company that sold several products that each performed a separate security function to one that delivers an architecture designed to help customers drive more-holistic outcomes. In many cases, our customers are now asking us to help them manage and run our products for them so that they can get more value versus doing it themselves.......The problem we see in security is that often companies take the lack of attack on their company as meaning they have a good defense, and as a result do not place enough emphasis on the urgency of patching their systems to prevent future attacks.....[Cybersecurity has] gone from a back-office function to a boardroom-level issue. Now everyone in the C-suite of an organization has at least got some basic understanding of cybersecurity issues.

That’s bringing a whole level of visibility to it that we haven’t had in the past. Boards are worried about brand implications, they’re worried about intellectual property, they’re worried about business operations being interrupted, they’re worried about losing value. .....: I think the biggest mistake technical people can make is leading with the technology in both their explanation as well as in their remedies, leading with a one-size-fits-all problem. I think that’s when people get confused about what we’re trying to do. Then they think, well I can just go buy a widget and technical widgets should solve my technical cybersecurity problem. Cybersecurity is a systemic challenge. There are people issues......One key area is making sure that your partners and vendors are part of your extended, coordinated response, and that comes through clearly understanding what potential scenarios you face and then practicing what to do when an incident occurs.......Cybersecurity has a similar set of challenges, where you constantly are operating and have risks. People can be compromised, you have complex systems. You might make an acquisition where that firm had a breach and you’ve brought that into your organization. Cybersecurity is something you need to think about in a risk-based context and think about it holistically.
CEOs  McAfee  boards_&_directors_&_governance  cyber_security  cyberthreats  outcomes  risk-management  data_breaches  network_risk  threat_intelligence  one-size-fits-all  thinking_holistically  Michael_McDerment  C-suite 
may 2017 by jerryking
The Chinese Hackers in the Back Office - The New York Times
By NICOLE PERLROTHJUNE 11, 2016
a murky and much hyped emerging industry in selling intelligence about attack groups like the C0d0s0 group. Until recently, companies typically adopted a defensive strategy of trying to make their networks as impermeable as possible in hopes of repelling attacks. Today, so-called threat intelligence providers sell services that promise to go on the offensive. They track hackers, and for annual fees that can climb into the seven figures, they try to spot and thwart attacks before they happen.
China  hackers  cyber_security  data_breaches  pre-emption  security_&_intelligence  threats  offensive_tactics  threat_intelligence  back-office 
june 2016 by jerryking
Intelligence Start-Up Goes Behind Enemy Lines to Get Ahead of Hackers - The New York Times
By NICOLE PERLROTH SEPT. 13, 2015

iSight Partners, a company that provides intelligence about threats to computer security in much the same way military scouts provide intelligence about enemy troops....For the last eight years, iSight has been quietly assembling what may be the largest private team of experts in a nascent business called threat intelligence. Of the company’s 311 employees, 243 are so-called cyberintelligence professionals, a statistic that executives there say would rank iSight, if it were a government-run cyberintelligence agency, among the 10 largest in the world, though that statistic is impossible to verify given the secretive nature of these operations.

ISight analysts spend their days digging around the underground web, piecing together hackers’ intentions, targets and techniques to provide their clients with information like warnings of imminent attacks and the latest tools and techniques being used to break into computer networks.

The company’s focus is what John P. Watters, iSight’s chief executive, calls “left of boom,” which is military jargon for the moment before an explosive device detonates.... iSight's services fill a critical gap in the battle to get ahead of threats. Most security companies, like FireEye, Symantec, Palo Alto Networks and Intel’s security unit, focus on blocking or detecting intrusions as they occur or responding to attacks after the fact.

ISight goes straight to the enemy. Its analysts — many of them fluent in Russian, Mandarin, Portuguese or 21 other languages — infiltrate the underground, where they watch criminals putting their schemes together and selling their tools.

The analysts’ reports help clients — including 280 government agencies, as well as banks and credit-card, health care, retail and oil and gas companies — prioritize the most imminent and possibly destructive threats.

Security experts say the need for such intelligence has never been greater....the last thing an executive in charge of network security needs is more alerts, he said: “They don’t have time. They need human, actionable threat intelligence.”
cyber_security  security_&_intelligence  dark_web  hackers  intelligence_analysts  iSight  Symantec  threats  humint  spycraft  pre-emption  actionable_information  noise  threat_intelligence  left_of_the_boom  infiltration 
september 2015 by jerryking

Copy this bookmark:





to read