ThreatQuotient’s Perspective on Security Operations and vision for AI in the ThreatQ Platform We’re all familiar with the “speed of cybersecurity”, the rapid pace at which cyber threats evolve and the corresponding need for timely and agile defense measures. We’ve been trained to understand the importance of quickly detecting, analyzing, and mitigating cyber risks to stay ahead of attackers and protect assets in an increasingly dynamic and interconnected world.

The persistent shortage of skilled cybersecurity professionals which grew by 26.2% over the past year, coupled with the fact that global cyberattacks increased 38% in 2022, means organizations are increasingly looking to security automation to help the cybersecurity teams keep pace. In fact, 98% of respondents to our “2022 State of Cybersecurity Automation Adoption” survey say they have increased their automation budgets.

In today’s digital world, cybersecurity threats are on the rise, and businesses must stay vigilant to protect their sensitive data from cybercriminals. To combat these threats, companies often rely on cybersecurity information vendors to provide them with intelligence information. However, the quality of the intelligence information provided by these vendors has come under scrutiny, and there have been concerns about the accuracy and effectiveness of the information provided.

Every five to ten years, major technology shifts change the way that vulnerability assessment and the related IT risk mitigation processes are approached or implemented. What has remained constant is the formula we use to measure risk and thus prioritize and triage vulnerabilities. Risk = (Likelihood of event) * (Impact of consequences) It’s an approach that intuitively makes sense, but there have been two challenges with how this formula has been applied.

In 2016, Ivan Fontarensky, Technical Director CyberDetect & Respond at Thales, wanted to rollout a Cyber Threat Intelligence (CTI) service to continue to add value to the company’s cybersecurity products used by critical infrastructure organizations around the globe.

We hear a lot about the cybersecurity skills gap, which the latest research puts at 770,000 open positions in the U.S. and 3.4 million globally. There are lots of reasons why organizations find themselves dealing with a skills deficit – from an actual dearth of qualified talent to internal factors including turnover, lack of budget/competitive wages, limited opportunities for growth and promotion, and lack of training.

Coping with limited resources is a common challenge for security operations teams. Whether it’s due to budget constraints, staffing shortages, or other factors, security teams often need to find ways to do more with less. Let’s talk about some strategies we can use to achieve success in this environment.

We’ve come a long way since ThreatQ v4 and our own Jay Allmond, UK Threat Intelligence Engineer at ThreatQuotient, recently shared the details during a hands-on webinar that’s now available on-demand. In this 30-minute session that as Jay says, “is light on PowerPoint and heavy on nerdy stuff”, we review the basics of the ThreatQ Platform and dive deep into some of the newest capabilities.