As I have been researching threat intelligence lately, the services that provide it, and the organizations that really produce it, I was struck with an odd thought that harkened back to the turn of the century from Bruce Schneier describing how to fix security. In this post from 2000 Schneier introduces the concept of security being a long-term process rather than a one-and-done deal. From this he derived his famous saying that “Security is a process, not a product.”
The same seems to be true in today’s world for threat intelligence. There are a lot of services that provide great threat data but really none that totally “fix” the security issues we face. Only with continuous and individualized knowledge of your enterprise, your adversaries, and your partners can this data be used to produce real actionable threat intelligence for your organization. So in honor of Bruce’s quote from 15 years ago, I leave you with the following quote of the day.
“Threat intelligence is a process, not a product.” – grecs (with inspiration from Schneier)
(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under Infosec Blogs/Podcasts. [email protected]grecs)
Today’s post pic is from WikiMedia.org. See ya!