A thorough cybersecurity threat intelligence team can turn a threat into a tool for future protection. Their job is to conduct background research on threat groups’ motivations and capabilities. This way, the intelligence team can be ready to protect an organization with even greater knowledge in the future.
Strong cybersecurity threat intelligence about who attackers are and what they want can help an organization in a critical moment. For example, if an attacker is already on the network, defenders need to act swiftly before significant damage is done. After that critical moment is over, the intelligence gathered in the process means the team can also inject new information into platforms to inform incident response consultants, managed security clients and data.
IBM’s X-Force Incident Response and Intelligence Service analysts have observed many real-world threat groups. Read on to learn the value threat group data brings to the table. Plus, explore some specific actions organizations can take to help defend themselves.
Cybersecurity Threat Intelligence in Action: MegaCortex
Last year, cybersecurity threat intelligence helped stop a MegaCortex ransomware attack before it was executed. In turn, this saved the client organization from damages that had the potential to stretch to $239 million or more. Several threat intelligence insights were able to provide a warning that the attackers were likely preparing for a ransomware attack. The threat intelligence team advised incident responders and the client to remain vigilant. The threat actors could turn destructive if they suspected they had been found. The possibility of these actors deploying ransomware — potentially within hours — was a real threat.
Because of these actions, cybersecurity threat intelligence and preparing for the worst paid off. On ..
Support the originator by clicking the read the rest link below.
