Is “Big Data” Threat Intelligence Worth It?
“Big data” has transformed virtually every sector of the global economy, from e-commerce to healthcare to banking. Corporate c-suites now have access to vast troves of intelligence about us, our online activities, and our buying habits—and they’re using it to make important business decisions every day.
More and more of those decisions focus on information security. Corporate infosec professionals can now turn to a wide array of outside services that monitor emergent malware, prominent data breaches, and other threats using proprietary analytics. These services then provide clients with access to realtime feeds of potential risks, theoretically helping them prepare for battle.
Are these services right for your organization? These tips may help you decide:
Threat intelligence only works if doesn’t overwhelm you.
Threat-assessment feeds using big-data techniques are still relatively new, and most of the criticism leveled against them focuses on the sheer amount of information they provide. Go with a service that weeds out alerts that are irrelevant to your business assets, or make sure your internal team is prepared to do the same—if you don’t, you’ll join scores of companies that pay top-dollar for useless information.
Make sure your third-party intelligence products mesh well with existing initiatives.
Most corporate consumers of threat-assessment feeds report using a wide variety of tools to do essentially the same job. That’s okay—in the high-stakes world of information security, redundancy isn’t necessarily a bad thing—but if your company has problems aggregating information coming from different channels, you may not be able to prioritize threats and make the appropriate allocation of resources. In other words, make sure you never lose the bird’s-eye view.
Knowing about threats isn’t much good if you’re not ready to defend against them.
Finally, no organization should bother investing in big-data threat intelligence without first developing a resiliency plan, conducting awareness training, and taking the other steps necessary to defeat the dangers these products expose. It would be like going on safari with a scope but no rifle—you may see the big game, but you won’t be coming home with any trophies.
If your company can follow this simple advice, tools like these may be right for you. They may even help you spot an oncoming threat and prevent a full-blown information-related crisis.