Cybersecurity discussions have become part of the mainstream. But not many companies truly see how valuable threat intelligence can be for their business.
Therefore, it is essential for organizations offering cybersecurity-related services to build awareness in the broader public. This episode of Dr. Dark Web is our contribution.
Our guest is John Gates, Lead IT Security Operations/Threat Response Analyst. John and our host Chris Roberts discuss threat intel, communication, and collaboration between vendors and clients. Finally, John explains that we should all take precautions, as we can all be victims of cyberattacks.
- Name: John Gates
- What he does: Lead IT Security Operations/Threat Response Analyst
- Noteworthy: John believes that before deciding which vendor it will trust to take care of potential cybersecurity risks, a company must have all its members on board and ensure that they are familiar with the benefits of threat intelligence.
🎙️ We must understand the importance of threat intelligence. Technology advances, new solutions appear, and more and more vendors offer security-related services. However, companies must ensure that their members understand the benefits of cybersecurity and what they want to achieve with particular security measures. ”You need to have the right people together and tons of conversations before any vendors even consider what you’re doing. You have to adopt a framework for threat modeling. You have to decide if you’re going to be asset-focused, threat-focused, service-focused, or any combination [of those]. Every business runs differently. And I think that, a lot of times, businesses will put too much on the service provider to provide the answers they need to come to the table.”
🎙️ We are all targets. Yes, it sounds intimidating, but the sooner we understand it, the more effective we will be at protecting our personal and professional data. Many of us think that we are not the focus of hackers, but in practice, anyone can become a victim of a cyberattack. Therefore, the first step to implementing proper precautionary measures is to educate people and build awareness around cybersecurity. ”We have an information security awareness program that runs throughout the year. It’s not once, twice, or three times a year; it’s continuous. We’re constantly drilling about social media and the war and warning about posting things.”
🎙️ Conceptualization is a big part of what we do. Companies, including Cybersixgill, create daily reports containing information regarding potential security risks to enable their customers to determine the area of their business they should focus on to mitigate these. Still, these reports are not just about providing lots of data; they need to be put in context so that customers can understand them better. ”You need a single source of truth to work out of. So anything that a vendor can do to help with that aggregation and put it into context is priceless.”