The idea of gathering and having intelligence has its roots in the military, where commanders would actively seek out information on their enemies. During wartime, especially in the pre-internet days, militaries were very unaware of their adversary’s capabilities, and the people in charge needed to know what they were up against before they made choices that could have severe implications.
Fast-forward to today, the internet-age where everyone is connected through various endpoints, and we see that intelligence-gathering is as valuable as ever. Anyone stands to benefit from having intelligence on their adversaries, and in the cyber security realm, that means knowing how attackers think, their motivations, who their targets are, details about their tactics, techniques and procedures (TTPs), and more.
A comprehensive and nuanced cyber threat intelligence capability is useful on a tactical, operational and strategic level, and ultimately helps the organization to manage risk and prioritize the threats they face. However, the benefits of intelligence are only as strong as the intelligence-gathering capabilities of the organization that is providing it.
FireEye is the largest threat intelligence organization that is not associated with a government. The visibility we have is key. Whether it’s the insights we’re getting from our Mandiant consultants, who are often the only individuals standing between a nation-state and the intellectual property of a company, or if we’re pulling data from our machine intelligence, or if we’re looking at ongoing campaigns through our Managed Defense, FireEye is in the best position to know exactly how (and why) today’s attackers are operating.
To learn more about cyber threat intelligence and how organizations stand to benefit from implementing this important capability, watch my interview with Sandra Joyce, head of global threat intel with FireEye, and Igors Konovalovs, director for FireEye iSIGHT Intelligence in EMEA.