If there is a drumbeat I will continue to harp on it’s the importance of practical cyber threat intelligence. With so much data out there, and so much confusion in the market as to what intel even is, intel’s practicality takes on even greater significance.
One key aspect of making threat intelligence practical is to ensure the intel is evaluated. What do I mean by this? Well, there are a lot of threat intelligence misconceptions that have to do with automation and speed. Threat intelligence feeds or platforms that provide data or indicators of compromise (IOCs) are delivering a first step toward intel, but the practicality of it is questionable at best.
Leave a reply