In a previous post, we focused on organizations’ characteristics, such as sector, geography, risk and impact, when discussing the pillars of building a threat identification program. Now, we move deeper into the concept and expand upon the threat identification process through example scenarios, helping translate the conceptual framework into daily practice.
It’s Always About Business Risk
Too often, our cybersecurity story is “pay no attention to the man behind the curtain.” We provide updates on new projects and significant attacks; we talk about blocking an attack in isolation and not in terms of business risk; and our success seems almost magical. The narrative can, thereby, remain limited and doesn’t communicate how our efforts are enabling the business. Our predictive work is hidden and our success is difficult to quantify or evangelize.
Coming into that overall picture, breach and attack simulation (BAS) platforms have been able to provide data on stopping attacks on time. It has changed our thinking and capabilities. By running thousands of potential attacks against a real, but non-production environment, we can generate data that validates which controls block an attack and which do not. We can also show the step-by-step success and missed opportunities in blocking a cyberattack, such as a phishing campaign, for example. This new ability to visualize and quantify was the missing link in communicating the value of predictive and preventative security work.
With this in mind, let’s look at putting threat intelligence to work and making it predictive, preventive and proactive (our three Ps).
Learn more
