A new buzzword phrase is circulating in the cybersecurity world. And it is being put in heavy rotation by vendors who want to sell you something – whether or not it will actually help you protect your business data.
The new hot ticket is threat intelligence. Often you will see it in abbreviated all-caps, military-acronym style: THREATINTEL. Put that way it looks really scary and critical. Something you probably want Navy SEALS to handle. Or at least a spiffy new THREATINTEL solution that will light up your dashboard with glowing red warnings, as if World War III were at hand.
Yes, there really is such a thing as threat intelligence. And it can be a very good thing to have. But as security analyst Scott Terban points out at Infosec Island, "threat intelligence" has also become the latest flavor in enterprise scare-ware. Think and study before you buy.
Terban lists a number of components of threat security that would be relevant to businesses seeking to protect themselves. What stands out on that list is that only the final item – information provided by IDS/IPS (intrusion detection/prevention systems) and a Security Operations Center (SOC) – is the sort of "threat intelligence" being offered by tech vendors.
The rest of the list includes some technical factors that you, or your IT people, should be up to speed on. But most of the list is about (human) security awareness: