The World Economic Forum has this week published its Cyber Security Outlook for 2022 report*, in which organisations are called to prioritise cybersecurity in business decisions. According to the report, a key aspect of this is in acquiring knowledge and an understanding of cybersecurity principles and measures to protect business operations from intolerable risks.
Adam Hunt, CTO at RiskIQ – a subsidiary of Microsoft, which specialises in internet security intelligence – argues that effective company cybersecurity posture relies on excellent threat intelligence into the global attack surface of an organisation. He comments:
“The World Economic Forum Cyber Security Outlook 2022 is right to call for cybersecurity as a business priority, but to develop a holistic view of potential threats to a business, security teams need actionable security intelligence that provides a bird’s eye view of the global attack surface. This shows precisely how their organisation’s unique internet relationships sprawl across the web. Businesses need security intelligence with a view of this attack surface to develop keen insight into threats most critical to the enterprise’s one-of-a-kind digital footprint.
“To maintain cybersecurity as a business priority, security programmes also need a robust budget for threat intelligence and forensic hunting capabilities. Security teams must be able to respond immediately and decisively to attacks and investing preemptively into threat intelligence data and systems is critical. CISOs must also have an advanced incident-response function and accompanying data. Indeed, it’s important CISOs can answer questions, such as what is the nature of the attack? Which features of the network are vulnerable? Has the company been breached? What clues exist as a result of the attack? Answering these questions when the attack is already happening is challenging.
“To this end, it is vital to rely upon in-depth internet reconnaissance to understand the different threat actors. After all, specific threat actors will exhibit different tactics, techniques, and procedures – they will also possess different assets and exploit unique vectors. Intelligence gathering on the deep and dark web – the natural hiding place of threat actors – will provide additional context of an adversary; for example, where have they attacked before and where might they attack again or what sort of information they are stealing.”