built around false information will force
attackers to continually validate their threat
intelligence, expend time and resources
to detect false positives, and ensure that
the networked resources they can see are
actually legitimate. And since any attacks on
false network resources can be immediately
detected, automatically triggering
countermeasures, attackers will have to be
extremely cautious performing even basic
tactics such as probing the network.
Derek Manky, Chief, Security Insights and
Global Threat Alliances, Fortinet
www.intelligentcio.com
Unified Open Collaboration: One of the
easiest ways for a cybercriminal to maximise
investment in an existing attack and possibly
evade detection is to simply make a minor
change, even something as basic as changing
an IP address. An effective way to keep up
with such changes is by actively sharing
threat intelligence. Continuously updated
threat intelligence allows security vendors,
and their customers, to stay abreast of the
latest threat landscape. Open collaboration
efforts between threat research organisations,
industry alliances, security manufacturers, and
law enforcement agencies will significantly
shorten the time to detect new threats by
exposing and sharing the tactics used by
attackers. Rather than only being responsive,
however, applying behavioural analytics to live
data feeds through open collaboration will
enable defenders to predict the behaviour
of malware, thereby circumventing the
current model used by cybercriminals to
repeatedly leverage existing malware by
making minor changes.