{"id":35109,"date":"2020-04-27T03:27:27","date_gmt":"2020-04-27T07:27:27","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?post_type=emagazine&#038;p=35109"},"modified":"2022-08-04T10:19:33","modified_gmt":"2022-08-04T14:19:33","slug":"threat-intelligence-trends","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/threat-intelligence-trends\/35109\/","title":{"rendered":"How threat intelligence evolved, and where it will go next"},"content":{"rendered":"<p>Cybersecurity has always been about the intelligence that powers the tools. It\u2019s this intelligence that battles the minds that make malware.<\/p>\n<p>The epicenter of the battle is identifying and analyzing threats, or threat intelligence. What makes it threat intelligence, rather than threat data, is analysis.<\/p>\n<blockquote><p>Analysis is the label on the museum wall that tells you why the artifact matters. It\u2019s the intelligence that blends context with object, giving meaning to mere things. It\u2019s the bridge between information and action.<\/p>\n<\/blockquote>\n<p>To understand why threat intelligence will be so crucial in cybersecurity\u2019s future, we need to visit the museum of its evolution.<\/p>\n<h2>More innocent times: The noughties<\/h2>\n<p>Mulholland Drive was in cinemas; Shaggy and Destiny\u2019s Child sold CDs by the bucket. Email was standard for business, but less so for personal use. Anyone geeky enough to \u2018surf the net\u2019 for fun might visit an internet caf\u00e9 to use a coveted, futurist desktop iMac. A revolution in attractive hardware, it looked like the candy-colored offspring of motorcycle helmet and refrigerator produce compartment.<\/p>\n<p>The precursors to threat intelligence started appearing at this time. First, there were IP and URL blacklists. 
Security software like <u><a href=\"https:\/\/en.wikipedia.org\/wiki\/Security_information_and_event_management\" target=\"_blank\" rel=\"noopener nofollow\">Security Information and Event Management (SIEM)<\/a><\/u> systems and <u><a href=\"https:\/\/en.wikipedia.org\/wiki\/Next-generation_firewall\" target=\"_blank\" rel=\"noopener nofollow\">next-generation firewalls (NGFWs)<\/a><\/u> used the blacklists to give alerts and reports. Security researchers manually searched for threats and sent daily updates to customers.<\/p>\n<h2>The bright, new digital past: 2010<\/h2>\n<p>It was the year Iceland\u2019s Mount Eyjafjallaj\u00f6kull grounded flights across Europe with a cloud of ash. Everyone was talking about WikiLeaks and the Arab Spring. Facebook and Twitter had become household names, but were far less used by marketers and brands.<\/p>\n<p>The <u><a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/dark-web-monitoring\/29084\/\" target=\"_blank\" rel=\"noopener nofollow\">dark web<\/a><\/u> and malign activities were exploding, showing the limits of the day\u2019s security software. 
It wasn\u2019t designed to process the number of <u><a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/indicator-of-compromise-ioc\/\" target=\"_blank\" rel=\"noopener\">Indicators of Compromise<\/a><\/u> pelting down like a deluge of frogs. It couldn\u2019t identify and process the dust storms of malicious domains, IPs and other threats.<br>\n<img decoding=\"async\" class=\"aligncenter size-full wp-image-35112\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2020\/04\/27033031\/threat-intelligence-trends-inline.png\" alt=\"\" width=\"1024\" height=\"768\"><br>\nThe cybersecurity industry responded. Machine learning and artificial intelligence (AI) could automate and correlate data on a new scale. With millions of sensors, their data feeds netted oceans of information. They processed and analyzed it with big data tools. These systems began to be used to perform complex detection covering all <u><a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/attack-surface\/\" target=\"_blank\" rel=\"noopener\">attack surfaces<\/a><\/u>. And the big data technology gave birth to the idea of threat intelligence.<\/p>\n<h2>Machine meets human: 2015<\/h2>\n<p>It was the year of <em>Je Suis Charlie<\/em>, as many sided with French satirists against terrorism. 195 countries reached agreement over the Paris Climate Accord, but the color of a dress divided the world firmly into two camps.<\/p>\n<blockquote><p>Threat intelligence evolved again. That big data technology was blurting out far too many false alerts. Cybersecurity needed its humans back.<\/p>\n<\/blockquote>\n<p>Security experts overseeing intelligence collection could reduce false positives and better see threats and attack methods specific to their organizations. It meant faster detection and response, and a change of emphasis to finding and prioritizing vulnerabilities.<\/p>\n<h2>The world we now know<\/h2>\n<p>From 2018, the threat intelligence industry ballooned. 
Hundreds of new companies popped up, offering targeted services focused on data quality. Their goal was to give guidelines for decisions and actions. The companies buying threat intelligence products and services started using them more effectively, for example, adapting their data collection for security needs.<\/p>\n<p>By 2019 the industry had adopted a shared understanding of what threat intelligence means. Bear with me \u2013 this chain has a few links. Threat intelligence means multiple sources giving relevant, targeted data. The data must be converted into information that can be immediately used. It must be integrated into an organization\u2019s security operations through a single entry point, and communicate seamlessly with their existing security controls. Its unique insights on emerging threats will let security teams prioritize alerts, maximize resources and make fast decisions.<\/p>\n<p>And what of 2020 onwards? The market is still growing. <u><a href=\"https:\/\/www.marketsandmarkets.com\/PressReleases\/threat-intelligence-security.asp\" target=\"_blank\" rel=\"noopener nofollow\">Research suggests threat intelligence could be worth 13 billion US dollars by 2023<\/a><\/u>. Ever smaller organizations are starting to use threat intelligence.<\/p>\n<p>But in the main, this will be a new era of cooperation. 
To be more comprehensive, cybersecurity vendors are already integrating their products and services with others.<\/p>\n<blockquote><p>Sharing best practice will be the new normal, leading to better defenses against rising threats, such as malware-less attacks.<\/p>\n<\/blockquote>\n<p>Cybersecurity will move from reactive to proactive, while the role of security teams in organizations will grow. They\u2019ll interact more at all levels and with all business groups. They\u2019ll become responsible for delivering proactive threat intelligence that not only protects, but identifies risk and shapes business goals. Threat intelligence will effectively predict and prevent attacks at the earliest stage, and sooner or later, underpin the whole concept of proactive cybersecurity and organizational risk.<\/p>\n<p><em>This article was published in April, 2020.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Follow the rocky road that led to the threat intelligence of today, and see what pastures lie ahead for this fast-changing 
industry.<\/p>\n","protected":false},"author":2572,"featured_media":43819,"template":"","coauthors":[3777],"class_list":{"0":"post-35109","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-threat-intelligence","7":"emagazine-category-threat-intelligence-2020","8":"emagazine-tag-ai","9":"emagazine-tag-history","10":"emagazine-tag-predictions","11":"emagazine-tag-threats"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/threat-intelligence-trends\/35109\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/secure-futures-magazine\/threat-intelligence-trends\/21687\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/secure-futures-magazine\/threat-intelligence-trends\/20000\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/secure-futures-magazine\/threat-intelligence-trends\/21162\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/secure-futures-magazine\/threat-intelligence-trends\/17022\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/35109","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2572"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/43819"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=35109"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=35109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}