Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


Threat intelligence – myth vs. reality

Using the cloud to harnessalternative data

Chris Pace, Technology Advocate at Recorded Future

Threat intelligence is one of the most important resources for defending against increasingly advanced cyber-attacks, but there are still several myths and misconceptions about how intelligence can be accessed and used. Many organisations still believe threat intelligence is something of a dark art, restricted to elite security pros retained only by the likes of the world’s leading banks, and too complex and costly for ordinary businesses.

We have heard many different misconceptions over the years, and most can be easily rebuffed.

Three of the most common assumptions are:


While access to good intelligence might once have been restricted to the elites, today a fast-growing market means it is easily accessible by security professionals with any amount of experience and in any role. The market focus is to provide contextualised information that will enable security teams to respond quickly and proactively as threats emerge.


Threat intelligence is essentially a tool, and like any other tool the quality can vary. Some poor intel is indeed simply presented as a disorganised stream of data, but genuine threat intelligence is provided in real time, stripped of false positives, and presented in a format designed to drive effective decision making.


One of the key factors in making threat intelligence work is how it is implemented by the organisation. Intel that is poorly applied can end up being counterproductive by burying analysts under a mountain of false positives. Conversely, well-implemented threat intelligence will integrate with existing security technologies to provide analysts with crucial insights when and where they need them.

Operationalising threat intelligence

As a result of crucial misunderstandings like these, many security professionals believe that threat intelligence has nothing to offer their organisation. Even among companies that are open to exploring the use of threat intelligence, proper implementation is often a struggle. With thorough and systematic implementation, threat intelligence is difficult to use efficiently, and the true value will be missed.

When applied correctly, threat intelligence has a huge amount to offer security leaders and personnel, from informing investment decisions, to processing alerts more quickly, to reducing the threat window caused by the latest vulnerabilities.

The three edicts of threat intelligence

Finding a threat intelligence provider that will match the organisation’s specific structure and needs can be a complicated affair, and there are a huge array of choices, formats and vendors to choose from.

1.Threat intelligence is for everyone.

Threat intelligence has applications across all aspects of security. Even small organisations struggling with limited security budgets can access and utilise threat intelligence, enabling them to make better risk-based investment decisions and empower security personnel to maximise the value of their tools and processes.

Organisations that already have large and more well-established security capabilities meanwhile can use threat intelligence to respond to the latest incidents and attack tactics as quickly as possible. Alongside protecting the company from attack, well implemented threat intelligence can save a great deal of legwork for security practitioners, freeing them up for more high value tasks and allowing junior personnel to upskill more quickly.

  1. Poor quality threat intelligence can hinder more than it helps.

The simplest function of threat intelligence is to enable informed decision making. If the intelligence received by a company is incomplete and contains a high number of false positives and inaccuracies, security decision makers will end up making bad choices.

In terms of daily security activity, vulnerability management teams could miss vital weaknesses that leave the company exposed to attack, while SOC and incident response analysts could end up missing genuine threats while wasting a great deal of time and resources chasing false leads. At a strategic level, security leaders may also make poor investment decisions that do little to improve the company’s security posture.

With this in mind, organisations need to ensure that the threat intelligence capability they implement will genuinely empower their security leaders and personnel.

  1. Look for powerful threat intelligence characteristics.

With poor quality intelligence having the potential to drastically reduce a company’s security capabilities, it is essential that decision makers know what they should be looking for in a solution. The following four traits are essential components of genuine threat intelligence:

  • Comprehensive – It must combine intelligence from a broad range of sources such as the dark web and threat actor forums.
  • Relevant – A worthwhile threat intelligence capability must deliver only intelligence which is relevant to the individual user, cutting out irrelevant data and false positives that will waste valuable time and resources.
  • Contextualised – The best threat intelligence solutions combine huge quantities of data, information, and intelligence to construct high-quality, actionable insights that are put into context against the wider threat landscape.
  • Integrated – Threat intelligence should be easily accessible across all the different functions it connects to, such as vulnerability management scanners, SIEM and EDR technology.

By having these factors firmly in mind when investigating and assessing the many threat intelligence options available, companies can cast aside the myths and find the ideal solution for their operations. Armed with genuine threat intelligence, security personnel across all functions and experience levels will be able to work faster and more effectively.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post