Modern field guide to security and privacy

Defeating cybersecurity's emerging threats with threat intelligence

With hackers lurking on your network for more than seven months on average, companies need to do a better job of keeping threats out in the first place -- and to do that, they need threat intelligence, said AlertLogic's Chief Security Evangelist Stephen Coty at a Passcode event on the sidelines of South by Southwest on Monday.

If the average hacker made their way into your network on January 1st, you wouldn't be aware they were inside until well into July. 

While traditional defensive cybersecurity is important, the fact that hackers can linger for an average of 229 days means companies need to think more directly about surveying the threat landscape, argued Stephen Coty, chief security evangelist for AlertLogic, at a Passcode event on the sidelines of South by Southwest on Monday.

"We talk about always being on the defensive," Mr. Coty said. "I'm a big believer of being on the offensive," of taking a proactive posture against cyber threats.

How to do that? Threat intelligence. 

"Threat intelligence is really the key to finding out what's out there. How do we enlist black hat hackers, gray hat hackers, to come on our side," Coty said. 

Once inside communities of nefarious actors, Coty said that cyber defenders can "start going out there and finding out what are the new vulnerabilities, infiltrating these hacking groups, finding out what's the next target."

What's at stake?

By stealing your research and your development, your competitors can leapfrog years ahead and get to market before the originator of good ideas can even make a move, Coty explained. And closer to home, data breaches could also have major impacts on children. When a child's identity is stolen online, "what's going to happen? Nobody is going to find out that a kid's credit is affected until they apply for a credit card at 18. And that's when you find out you're $10,000 in debt because of credit card bills because people have gotten that information [illegally online]," Coty said. "That is a huge concern."

Even with good threat intelligence, however, companies still need technological investment. A preponderance of devices -- from point-of-sale terminals at major American retailers to airport Transportation Safety Administration scanners to the systems governing America's power networks and other major infrastructure -- are still running outmoded and insecure software, Coty pointed out.

Watch the video of Coty's full remarks at the top of this post and follow him on Twitter at @StephenCoty. You can follow AlertLogic @AlertLogic.

Stephen Coty is the Director of Threat Research at Alert Logic in Houston, TX, and a member of ISSA, Infragard and the HTCIA. Before coming to Alert Logic, he was the Manager of Cyber Security for Rackspace Hosting. Prior to Rackspace, he worked at several companies, including Wells Fargo Bank, Applied Materials, Stanford Medical Center and The Netigy Corporation. He has been in the information technology field since 1992, with a focus on security since 1999, when he started as a penetration tester and auditor. Research has been his primary focus since 2007.

https://www.csmonitor.com/World/Passcode/2015/0318/Defeating-cybersecurity-s-emerging-threats-with-threat-intelligence