Globally, the cyber threat level to organisations remains high, and the current situation only serves to highlight this further.

As the new financial year looms, companies are starting to identify the key strategic focus areas for the year ahead and the technology investments needed to deliver them.

The security operations centre (SOC) has been on the front line facing the pandemic-induced escalation of cybersecurity threats in the past eighteen months.

Let’s face it, we’ve talked about security automation for years. We’ve grappled with what, when and how to automate. At certain points we’ve wondered if there’s any place at all for automation. But in our heart of hearts, we’ve known for years that automation is the future. Now the future is here.

Just like a compass, regularly reviewing the threat model keeps the CTI teams IR’s pointed in the right direction over time.

Supply chain attacks show no sign of slowing down. But the right combination of platforms can help organisations get ahead of the threat. 

Empowering humans to engage in critical thinking is vital to efficient detection and response, writes ThreatQuotient APJC regional director Anthony Stitt.

Few organisations have matured their security operations (SecOps) to the point where they have integrated a complete CTI practice. 

Many organisations have been left behind with their security operations.

An effective CTI program requires the alignment of people, processes and technology, writes ThreatQuotient APJC regional director Anthony Stitt.

When an attack happens, security teams should be ready with information about who is attacking and the steps being taken to mitigate damage.

Understanding the limitations of defences requires examining how blocking and detection systems leverage cyber threat intelligence.

There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.

The COVID-19 pandemic is pushing organisations of all sizes to up their security game, for one implementing Cyber threat intelligence (CTI) programmes.

"For a CTI program to be effective, an organisation needs to have a good idea of the threats they are facing, combined with the assessment of the likelihood and impact such an incident would have."

Intelligence management platforms now playing a much more global and cross-functional role in the cybersecurity sector, writes ThreatQuotient regional director for APJC Anthony Stitt.

We spoke with ThreatQuotient’s APJC regional director Anthony Stitt to dig deeper into cyber hygiene, security culture, threat intelligence, and the tools that support them.

Understanding an organisation’s threat landscape requires having both the right threat data sources and the proper prioritisation to derive actionable threat intelligence for your organisation. 

Many organisations steer towards relying upon external threat intelligence feeds, though this has limitations because even if you subscribe to every single threat intelligence feed, gaps still remain, as many attacks are customised to bypass traditional security controls. 

Organisations are looking to improve their security operations effectiveness, efficiency, and staff satisfaction, with security, orchestration, automation and response (SOAR) fast becoming a trending approach. 

To understand what it involves and some of the collaboration challenges that come with distributing threat intelligence amongst specialised security teams, we spoke to ThreatQuotient APJC regional director Anthony Stitt.

Many organizations already have the technology required for threat hunting, with SIEMs and threat intelligence a starting point.

"Will the human element always remain vital in security operations?"