When we think about the future of threat intelligence, we can all agree that threats morph constantly. Sophisticated new botnets, the increase in DDoS-as-a-Service tools, and the rise in cryptocurrency are creating an unpredictable environment where even novice attackers can demand ransoms, carry out attacks, and rent IoT botnets. Known attack types also rise and fall in popularity, as demonstrated by recent attacks such as Memcached. “What’s old is new again,” but with a twist of a new vector or motive. This provides one of the biggest challenges for those of us in the cyber-security community. How do we make sure that we are identifying and mitigating attacks quickly, protecting our customers and the organizations they serve with minimal business impact?
The future of threat intelligence must include information sharing. This is the goal of organizations like the Cyber Threat Alliance (CTA), where security companies collaborate to share intel on the constant evolution of threats. Although by nature the cyber-security industry is typically top-secret and competitive, there is also a shared understanding that by pooling our resources, we are able to adapt our techniques and technology for the greater good, making companies feel infinitely safer and protected.
If we are all reviewing shared intel, everyone has a better chance of designing proactive rather than reactive solutions for these emerging threats. Combining our intelligence extends everyone’s capabilities. By combining our various strengths and experience, we have a better chance of stopping whatever cyber-threats come our way.
We need to be continuously learning how these attackers might come after businesses in a variety of industries, such as finance, healthcare, retail, and more. Many cyber-security organizations started off as hardware-centric companies, but we are seeing a shift to more software-based solutions as companies change how they store their data and interact with customers. It’s important for security products to have some levels of both detection and mitigation, or work together to achieve that balance and prevent threat actors from accessing the networks. For example, our partner Cisco detects threats from every angle, and then kicks complex attack traffic over to Radware’s scrubbing centers around the world, which can mitigate more than 3.5Tbps of traffic. This helps keep customers up and running, allows legitimate traffic to reach its destination, and prevents latency. When companies are thinking similarly and working together as a consortium, we improve this process and become very powerful, creating a legacy for customers who are demanding this kind of evolution.
Access to real-time intelligence from a centralized community provides a significant advantage as attacks continue to get more complex. Fortunately, the CTA is up to the challenge, and each member brings something different to the table that helps the organization as a whole see the larger picture of threat intelligence. Radware is proud to now be a member of the CTA to share our findings and gain valuable insights from our new allies in stopping cyber-attacks.