
The emergence of Threat Intelligence-as-a-Service

August 1, 2023 – Published on SC Magazine

Managed security services providers (MSSPs) have come a long way. Historically, many organizations have lacked the skills and people to build internal security teams, so early MSSPs focused on staff augmentation. But throwing bodies at the problem did not necessarily improve processes or effectiveness, and the results were often just expensive outsourcing.

Service providers have been increasingly embracing more advanced technologies that can triage and reduce alert fatigue, increase accuracy, and give smaller organizations access to complex automation solutions that they can’t manage themselves. We’ve seen this with a recent wave of managed detection and response (MDR) services, making advanced detection and response capabilities available to a wider market.

Threat intelligence promises to help enterprises get ahead of attacks, and proactively look around the corner – not just reflexively respond to alerts and incidents. But managing and making sense of threat intelligence has proven difficult for many security teams, especially smaller ones.

Industry analyst firm Gartner reports that few organizations today have an accurate picture of their own threat landscape. The firm says security and risk management leaders struggle to know what threats should constitute real concerns for their organizations.

Today, there’s no shortage of threat data available from open-source feeds, commercial providers, industry associations, and internal security processes. However, aggregating, correlating, and prioritizing this massive amount of data to create a “single source of truth” presents a much greater challenge. And ultimately, threat intelligence only works when it can communicate the relevant data to the right people, at the right time, so they can act upon it swiftly.

According to Tony Cook, senior director of digital forensics and incident response and threat intel at GuidePoint Security, managing threat intelligence can overwhelm small and medium-sized security teams. This typically requires expertise and complex systems that are only practical for large enterprises with specialized threat intel analysts, Cook said.
