Threat Intelligence

Streamlining threat intelligence with Pulsedive and Tines

Professionals working in cyber threat intelligence (CTI) overwhelmingly enjoy their jobs; over 66%, according to a limited survey of CTI professionals. They enjoy playing detective, investigator, researcher, analyzer, and communicator. What do they not love about the job? Chasing down bits and pieces of information manually through tons of different interfaces. Wrangling a time-intensive monstrosity of various files, web pages, and inconsistent formats, then merging them (ungracefully).

XDR best of breed, and how an open architecture will get you there

The security landscape is continually changing and the race to stay ahead is often one of both victory and failure. As organizations globally continue to expand, security professionals are struggling to update operations quickly enough to ensure effective monitoring and response to incidents in their environment. The lack of security professionals makes this even more challenging. Patching systems, scanning for vulnerabilities, protecting against malware and viruses are essential and just plain smart.

Threat Intelligence in the SOC - How can it help mitigate risks?

For most organizations, Security Operations Center (SOC) teams have long since been their first line of defense. These SOC systems efficiently ensure robust cybersecurity and are designed to detect, analyze, respond to, and prevent any cybersecurity incident that the organization might come across. Integrating a SOC within an organization aims to improve its cybersecurity posture, using a blend of state-of-the-art technology and skilled professionals.

Security Doesn't Stop at the First Alert: Falcon X Threat Intelligence Offers New Context in MITRE ATT&CK Evaluation

CrowdStrike recently demonstrated the power of the Falcon platform and its integrated approach to providing robust protection by exposing all attack tactics used as part of the MITRE Engenuity ATT&CK Enterprise Evaluation released in April 2022. The evaluation focused on emulating two of today’s most sophisticated Russian-based threat groups: WIZARD SPIDER and VOODOO BEAR (Sandworm Team).

The Karakurt Web: Threat Intel and Blockchain Analysis Reveals Extension of Conti Business Model

Tetra Defense, an Arctic Wolf® company, partnered with Chainalysis to analyze the link between the Karakurt cyber extortion group and both Conti and Diavol ransomware through Tetra’s digital forensics and Chainalysis’ blockchain analytics. As recent leaks have revealed, Conti and Trickbot are complicated operations with sophisticated structures. But our findings indicate that the web is even wider than originally thought, to include additional exfiltration-only operations.

The role of Threat Intelligence Platforms in Implementing Extended Detection and Response

As the new year continues to unfold, cybersecurity budget holders will be deep into the process of identifying where to allocate funds to best enhance protection against cyberthreats. The good news is that budgets are rising, with industry commentators frequently reporting that companies are committing more money to strengthening their posture against persistent and sophisticated threats.

How Human Intelligence Is Supercharging CrowdStrike's Artificial Intelligence

There is a new trope in the security industry, and it goes something like this: To keep yourself safe, you need an AI-powered solution that can act on its own, and to do that, you need to keep those pesky humans away from it. As a practitioner with a track record of bringing AI to cybersecurity — not because marchitecture demands it these days but because of its actual utility to solve security problems — I find this characterization puzzling.

Tax Season Scams Are Here Again - How to Mitigate Risk

Ransomware has dominated the headlines the last couple of years. But it might surprise you to hear that another scourge—business email compromise (BEC)—accounted for 49 times more in losses in 2021. As reported in the FBI’s latest Internet Crime Report, BEC cost organizations and individuals $2.4 billion versus $49.2 million for ransomware. In fact, more than a third of total cybercrime last year can be attributed to BEC.