QOTD – Threat Intelligence Is a Process, Not a Product

Bruce_Schneier_at_CoPS2013As I have been researching threat intelligence lately, the services that provide it, and the organizations that really produce it, I was struck with an odd thought that harkened back to the turn of the century from Bruce Schneier describing how to fix security. In this post from 2000 Schneier introduces the concept of security being a long-term process rather than a one-and-done deal. From this he derived his famous saying that “Security is a process, not a product.”

The same seems to be true in today’s world for threat intelligence. There are a lot of services that provide great threat data but really none that totally “fix” the security issues we face. Only with continuous and individualized knowledge of your enterprise, your adversaries, and your partners can this data be used to produce real actionable threat intelligence for your organization. So in honor of Bruce’s quote from 15 years ago, I leave you with the following quote of the day.

“Threat intelligence is a process, not a product.” – grecs (with inspiration from Schneier)

(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under Infosec Blogs/Podcasts. [email protected]grecs)

#####

Today’s post pic is from WikiMedia.org. See ya!

10 comments for “QOTD – Threat Intelligence Is a Process, Not a Product

  1. June 30, 2015 at 12:00 am

    BLOGGED: QOTD: Threat Intelligence Is a Process, Not a Product http://t.co/sl6sIRYwF7

  2. June 30, 2015 at 3:49 am

    QOTD: Threat Intelligence Is a Process, Not a Product http://t.co/STeu9iBHYu

  3. August 29, 2015 at 7:51 pm

    Best Of: QOTD: Threat Intelligence Is a Process, Not a Product http://t.co/Z1OtcCVgFe

  4. August 29, 2015 at 8:15 pm

    QOTD: Threat Intelligence Is a Process, Not a Product – NovaInfosec http://t.co/vudJPXmLw2 via @Nathiet

  5. September 10, 2015 at 2:00 am

    Best Of: QOTD: Threat Intelligence Is a Process, Not a Product http://t.co/Z1OtcCDFNG

  6. September 11, 2015 at 3:48 am

    QOTD: Threat Intelligence Is a Process, Not a Product | NovaInfosec http://t.co/AFYJNB7u9v

  7. November 5, 2015 at 8:40 am

    Best Of: QOTD – Threat Intelligence Is a Process, Not a Product https://t.co/Z1OtcCVgFe

  8. March 20, 2016 at 11:51 am

    QOTD – Threat Intelligence Is a Process, Not a Product https://t.co/Nk2rpmrDJl

  9. March 22, 2016 at 12:01 pm

    Threat intelligence is a process, not a product. #CIO #infosec @CISOtech

    https://t.co/ePtOVJUYi3

  10. March 22, 2016 at 12:24 pm

    Threat Intelligence Is A Process, Not A Product – https://t.co/eSd39d03GE @grecs via @novainfosec #infosec #cybersecurity #security

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.