5 Tips You Can Start Using Today to Reduce Business Risk
POSTED BY ANDY GEPERT
Cyber threat intelligence (CTI), risk management and privacy teams tend to work as siloed operations. But how can they come together – fusing processes and procedures – to achieve more? To analyze the opportunity and share their insights, Jason Passwaters, Chief Operating Officer, Intel 471; Alex Schlager, Chief Product Officer, Security Services, Verizon; and Matt Hartley, Chief Product Officer, BreachRX, joined ThreatQuotient’s Jonathan Couch in a recent Cybersocial webcast, “Risky Business: Reducing Business Risk Through Threat Intelligence.”
Here are five key takeaways from their discussion:
- Collaboration is starting to happen.
Industries that have historically been more targeted by attackers, such as the financial services sector, are further along in understanding how these teams and functions interact. Typically, they start with a use case, and one of the most popular is third-party risk mitigation. Commoditization of ransomware has fueled a lot of this, along with a secondary factor – the booming underground marketplace, where threat actor activity around selling access into organizations has increased over the last 18-24 months. In these more mature organizations, CTI and risk management teams are working together to get early notification of increased risk of exposure, using automated lookups of third-party data in these marketplaces. Some organizations are also building out realistic scenarios to understand the potential impact of an adversary on data privacy, and the legal and regulatory fallout. These are just two examples of how teams are beginning to break down silos and use threat intelligence to assess and reduce operational risk.
- Communication is vital.
Collaboration is difficult when you speak different languages. Privacy and risk management teams simply want the CTI team to provide them with the information they need, but the CTI team may not understand what these teams need. This disconnect often stems from the fact that cybersecurity professionals typically don’t come up through the business and therefore lack historical knowledge and business context. Mutually beneficial relationships are forged when the CTI team can talk about the value they can deliver to help privacy and risk teams achieve their objectives. To do this well, the CTI team must understand these functions and what matters to them, like General Data Protection Regulation (GDPR) or third-party breaches. Often, the best and fastest way to gain a deeper level of understanding is for the CTI team to go on a capabilities road show to learn the business and team objectives so they have the context to better explain how they can help.
- Use automation to empower people.
Automation is critical from a time and cost perspective, particularly as CTI expands to support more business functions. A majority of companies can’t find the cybersecurity talent they need and have significant budgetary constraints, so automation, enhanced with AI and machine learning, can help bridge the gap. The objective isn’t to fully automate, but to empower staff so they can move up the value chain to take on more strategic initiatives while automating repetitive, administrative tasks.
- It’s time to get started.
CTI, privacy and risk management teams have a common interest – to reduce the risk and business impact of attacks. Take advantage of this common interest to start breaking down barriers. Bring these teams together to share knowledge of the business, the industry and dominant attack vectors. Then work backwards, using realistic, worst-case scenarios to show the value of technologies and best practices to meet each group’s requirements from a security, privacy and regulatory standpoint. With most employees working remotely right now, risk is elevated, and the urgency is real. There’s no time like the present to start opening lines of communication and collaborating.
- Champions come from anywhere.
There is no set profile of the best person or people to lead this charge. It comes down to relationships. Sometimes it’s the CISO and Chief Privacy Officer working together. But just as often it’s an analyst or a manager who has been with the organization for a long time and has already forged connections. Circling back to takeaway number two, the key is to identify someone who understands the business needs and can communicate effectively with each specific group.
We all know that the era of corporations presenting themselves as victims and stepping back from responsibility is gone. The focus now is on demonstrating swift, proactive, comprehensive steps to mitigate risk. CTI can help reduce business risk by working in partnership with privacy and risk management as these functions evolve. Watch the webinar on demand for more great tips and insights from these experts, so you can get started now.