At the recent CISO Summit held in Mumbai, Sidharth Mutreja, the Enterprise Solutions Architect at Kaspersky Lab, shared his views on “Efficiently Managing Risks with Cyber Threat Intelligence”.
Cyber threat intelligence (CTI) is the practice of organizing, analyzing, and refining information about current or potential cyber threats that can affect an organization. The aim of CTI is to help businesses understand the risks of the most common cyber attacks, like zero-day threats, advanced persistent threats, and exploits.
To respond to and counter modern cyber attacks, organizations need a complete view of the tricks and tools used by attackers. Sidharth Mutreja shed light on best practices for building well-informed strategies to detect attacks, identify the cybercriminals, and assess the impact of attacks in the short term as well as the long term.
“With the ever-evolving threat landscape, organizations need to be more proactive in their approach for cybersecurity. As a proactive measure, security teams need to embrace cyber threat intelligence encompassing technical, operational, tactical and strategic threat intelligence into their existing security operations to leverage specific intelligence for proactive countermeasures and threat hunting,” said Mutreja.
When organizations assess the risks related to their digital footprint, they can direct the focus of their defensive strategy to the right areas. It also helps in making well-informed decisions related to budgets and staffing.
“Today’s cybersecurity approach in terms of solutions and services doesn’t just have to be as advanced as the threats but should be able to strike down a threat even before it hits. Hence, it is of critical importance that organizations today enhance their predictive and pre-emptive capabilities with cyber threat intelligence,” added Mutreja.
Mutreja also talked about Kaspersky CyberTrace, a threat intelligence fusion and analytics tool, which the company launched in February this year.
Kaspersky CyberTrace is a free tool that integrates multiple threat data feeds with SIEM solutions. It will help enterprises identify the threats that can be dangerous for the organization and allow security teams to focus on the right areas.