Monthly Archives: September 2016

The Role of IOCs in Threat Intelligence

The Role of Indicators of Compromise in Threat Intelligence

Published:

“Not everything that can be counted counts, and not everything that counts can be counted.”

Albert Einstein

The application of traditional threat intelligence to the field of information security is a relatively young one. As the ability of the community to collect and share intelligence grows, the techniques we use to analyse it become more sophisticated. Assuming we have access to a “firehose” of big data, how can we model and analyse security threats most effectively? This question has led to many organisations attempting to standardise the process and provide a consistent way of distributing threat data. How effective are they at doing this, and how could they be better? How can we better use these imperfect sources of intelligence to inform our analyses?

Continue reading
The Legal Sector: Current Threat Intelligence Sharing Landscape

The Legal Sector: Current Threat Intelligence Sharing Landscape

Published:

According to industry reports and surveys, cyber-criminals are systematically targeting the legal sector: it was reported to be the third most targeted sector in February 2016.  Yet, there seems to be a lack of a single point of reference when it comes to community sharing platforms designed to raise cyber situational awareness between firms. This lack of information and intelligence sharing across the wider industry is assessed as a being inadequate, considering the severity of the threat law firms face globally.

Continue reading
Russia's Cyber Profile

A riddle wrapped in a mystery inside an enigma: an analysis of Russia’s cyber profile

Published:

In today’s geopolitical arena, battles are increasingly fought with bits instead of bullets, and bots instead of soldiers. While these covert operations largely remain behind the scenes, the result is often felt as an aftershock by the public. The list of casualties, which includes some of the biggest names in financial services, technology, defence and government, is growing exponentially. And to further blur the already murky waters surrounding the issue of attribution in cyber warfare, nation state actors aiming to achieve a degree of deniability now often employ proxies to engage in cyber espionage campaigns.

Continue reading