security

With so much data at hand, should cyber defenses be more effective? – TechRadar


These days there’s no shortage of threat data available to leverage in the fight against cybercriminals. With so much of it to call on, the uninitiated might be tempted to ask why security teams aren’t building better cyber defenses to ward off attacks. But, there’s a gaping divide between much of the threat ‘data’ that security analysts are given and the actionable threat ‘intelligence’ they need to make properly informed decisions and responses.

The difference between data and intelligence

What is often loosely referred to as ‘threat intelligence’ is in fact a vast array of information from disparate sources, including threat reports, email messages, vendor advisories, blogs, forums, articles, pdfs, and documents. Much of it is text-based, which is a major problem as it doesn’t have a predefined format, making it far more challenging to process and operationalize. While this data is essential for comprehensive cybersecurity, analysis is made even harder as it also lacks context and relevance. Trying to get this type of unstructured data into a usable, meaningful format eats into an analyst’s time, day in and day out. It is an arduous, lengthy, manual task.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.