Nowadays, organizations are exposed to a high volume of security related information. Unfortunately, most of these organizations have little to no capabilities of using this information in a proactive manner, i.e. using information to try to change or anticipate an outcome. In other words, using information to produce intelligence products. It is safe to say that few of these organizations have a clear understanding of what Cyber Threat Intelligence (CTI) is and what it is not.

As we wrap up Cybersecurity Awareness Month (CSAM) 2022, the final topic we’ll cover is updating software and patching vulnerabilities. According to the 2022 Data Breach Investigations Report (DBIR) from Verizon one of the top paths threat actors use to infiltrate organizations is exploiting vulnerabilities. And there appears to be no end in sight as the number of unique security vulnerabilities rose almost 10% in 2021, up to 20,142 from 18,351 in 2020.

The Anti-Phishing Working Group (APWG) Phishing Activity Trends Report reveals that in Q2 of 2022 there were 1,097,811 total phishing attacks. This marks the worst quarter for phishing observed to date, exceeding Q1 of 2022 which was the first time the three-month total exceeded one million.

In our previous Cyber Security Awareness Month (CSAM) blog we talked about the added value we as cybersecurity practitioners can bring to the table by sharing knowledge we take for granted with individuals across the organization that will ultimately help strengthen defenses. The first topic we covered was multi-factor authentication (MFA). CSAM’s next topic is using strong passwords. Here are a few tips we have found useful to share with colleagues, as well as family and friends.

Do a quick search for the top cybersecurity breaches thus far in 2022 and you’ll quickly be overwhelmed with reports of cryptocurrency thefts, attacks targeting multinational corporations and critical infrastructure, and nation-state backed attacks spurred by ongoing geopolitical conflict. It’s easy for individuals to let their guard down and think they’re safe because these complex attacks aren’t targeting them specifically.

We’ve spoken extensively about the importance of taking a data-driven approach to Vulnerability Management. In short the efficiency and effectiveness of vulnerability management processes depend heavily on inclusion of threat intelligence for both prioritization and response activities. At any given time, only a small fraction of existing vulnerabilities are actively exploited or exploitable.

According to Proofpoint’s 2021 State of the Phish Report, more than 80% of organizations fell victim to a phishing attack last year. Another report from PhishMe found that 91% of cyberattacks start with a phish, and the top reasons people are duped by phishing emails are curiosity (13.7%), fear (13.4%), and urgency (13.2%), followed by reward/recognition, social, entertainment, and opportunity.

Our latest industry research – ‘The 2022 State of IT Security Automation Adoption’ – which we have undertaken for the second year running and expanded into other regions including the UK, USA and Australia, shows strong signs that cybersecurity automation adoption is advancing, but 97% of respondents say they have experienced problems during implementation.

Threat intelligence has become a significant input to the overall ecosystem that organizations leverage in their security footprint. Managing that data and the contextualization required to develop useful information can be daunting for fledgling and established organizations. I will discuss ways to automate some of the repetitive tasks and fuel other areas of the security organization to help them better achieve their mission sets.