Today’s enterprise security world revolves around endless tools and ingestion of data points that often become confusing and unrealistic to decipher. It is difficult to gain a grasp how they impact business or the critical potential they hold in order to respond timely. The Cloud-Based, Intelligent Ecosystems paper aims towards executives in businesses whose focus is within securing their environment. The five sections presented within this paper address key areas in understanding the meaning of intelligence, the concept of how threat gathering works, securing a cloud-based, intelligent ecosystem, security business analytics, and lastly, areas of further research.
To understand your specific threat intelligence model, one must first understand the tools currently within use, whether it be endpoint protection or other security sensors on the network. Companies must normalize and automate their internal tools to transform and extract actionable intelligence, while using external sources to reduce detection and response times. This is not a call for more tools, but rather how to use what you currently have at an optimal level. With the growing use of AI and Machine Learning, these technologies can expand the reach of tools and assist in the precision and accuracy of false positive data sets.
Threat intelligence can be expanded over time when addressing IoT devices throughout enterprise, and how “sense, understand, act” can enhance and understand complexities within enterprise ecosystems. By also understanding other emerging technologies, such as blockchain, we can assume that the size of data will continue to move upwards. The important aspect here is capturing how to align threat intelligence to emerging technology so you do not get left behind.