NETWORKS AND APPLICATIONS

Yet with the ever-larger attack surfaces with which many organisations now operate , resources of security teams can no longer secure the perimeter .

“ The cybersecurity threat landscape is characterised by increasing sophistication and diversity ,” Matt Aldridge , Principal Solutions Consultant at OpenText Cybersecurity explains .

Therefore , security teams should work smarter , not harder . Working smarter involves intelligence , and in cyber that means threat intelligence .

Threat intelligence reveals attack motives and targets Threat intelligence , often referred to as cyber threat intelligence ( CTI ), involves the collection , processing , and analysis of data to understand the motives , targets , and behaviours of threat actors .

This intelligence is crucial for enabling security teams to make informed , proactive decisions to defend against cyber threats . Categorised into different types : tactical , operational , and strategic , the information provided that makes up the intelligence is evidence -based knowledge , including context , mechanisms , indicators , and implications of threats , which helps organisations anticipate and prevent cyberattacks before they occur .

This prevention is proving increasingly important due to the types of attacks now being levelled at enterprises .

“ Cyberattacks that target operational technologies have surged : in the past year , 76 % of industrial companies have detected malicious activity in their operational technology , and one in four had to shut down their operations because of an OT cyberattack ,” Edgardo Moreno , Executive Industry Consultant at Hexagon Asset Life Intelligence explains .

The cost of shutting down operational technology ( OT ) following a cyberattack can be substantial .

When IT systems get hit , the damage is typically focused on data breaches or financial theft , which although significant , does not necessarily impact operations . When OT systems are hit , a whole company ’ s operations can go down .

This can lead to massive financial loss due to downtime . Additional expenses may include replacing specialised equipment that have been damaged beyond repair , plus the increased labour costs needed to expedite the process of getting systems back online and an incident response recorded .

Such a ransomware attack disrupted A . P . Moller Maersk operations for two weeks in 2017 , blocking access to systems the company relied on to operate shipping terminals . The incident temporarily shut down the Port of Los Angeles ’ largest cargo terminal and lost US $ 300m in business disruption and equipment damage . cybermagazine . com 101