#WeekendWisdom 036 Cyber Threat Intelligence
Welcome to #WeekendWisdom number 36. This week we’re going to talk about Cyber Threat Intelligence.
Where did this one come from?
Last week, a very significant vulnerability was revealed in F5 Big-IP networking equipment. It’s so significant that it was trivial for attackers to be able to compromise these devices from the internet.
I was speaking with friend of mine, whose company I knew used F5 equipment. He had been surprised to hear about it. He hadn’t heard about it through his normal channels.
This got me thinking about where did he get his cyber threat intelligence from? And it was a weekly newsletter that he had signed up to.
What is Cyber Threat Intelligence?
Now threat intelligent basically is information that is published from public sources. They tell about vulnerabilities and things that are going on. Attacks that are being perpetrated by different nation states and organised gangs, etc.
Where can you get this from?
So I get daily feeds from the likes of the Internet Storm Center. They publish details on the fly of anything they become aware of. You can sign up to receive these in an email. There is also their daily podcast which is called the StormCast. This is a great 5 to 6 minutes long Podcast.
The Cyber Wire also put out a daily podcast that takes perhaps 15 to 20 minutes and it gets into a bit more detail.
The National Cyber Security Centre in Ireland also put out a weekly newsletter. This contains summaries of all the week’s news. So these are really great sources of getting your cyber threat intelligence. So you should sign up to.
There are many, many different sources for Cyber Threat Intelligence. Find the one that suits you best and use that.
Can any of this stuff be automated?
Yes. You can get feeds that provide the intelligence which the likes of:
- Security Information and Event Management (SIEM) systems
- Intrusion Detection Systems (IDS)
- Intrusion Prevention Systems (IPS)
can utilise to protect your infrastructure. These are outside of the scope for this blog post.
So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.
Follow us on Social media:
Liam is available on Twitter, LinkedIn and Instagram.
Follow L2 Cyber on Twitter, LinkedIn, Instagram and Facebook.