Analecta Cyber Company Blog: Finding Additional Resources for Threat and Vulnerability Information

2018-09-04

Finding Additional Resources for Threat and Vulnerability Information

Finding additional resources for threat and vulnerability information - Analecta LLC banner

Analecta Cyber’s May 2018 Collaborating with Threat Sharing Groups article was well received by our readership. We expand on the idea that collaboration improves your overall industry, as well as your individual business. Here we review other resources available that will help you improve your company’s cybersecurity posture. 

Sharing is caring


The NIST Cybersecurity Framework emphasizes that organizations should get threat and vulnerability input from information sharing forums and other sources, but how do you know which sources to choose? Consider the following questions:
  • Will the information from this source provide me with actionable intelligence that is relevant to my organization?
  • Will the information from this source be of value when building my company’s long-term knowledge base and strategy?
  • Will information from cyber threats that my company has experienced be relevant if shared with this group?
If you can answer yes to any of these questions, the source may be of valuable to you and is at least worth the effort of opening the lines of communication to gleam potentially helpful content as well as share your own lessons learned.

Formal information sharing organizations 


Industry or regional specific Information Sharing and Analysis Centers (ISAC) or Information Sharing and Analysis Organizations (ISAO) are great sources of threat information. Both of these organizations are member driven threat intelligence analysis organizations. ISACs are usually industry specific, whereas ISAOs can also be regional. In our earlier post, Collaborating with Threat Sharing Groups, we discuss if membership in one of these organizations is right for your business.

Government resources to the rescue


The U.S. government provides a number of resources for finding cyber threat information that are useful to small and medium-sized businesses. The FBI and members of the private sector formed a partnership called InfraGard to exchange information about threats to critical infrastructure. As well, the FBI’s Internet Crime Complaint Center (IC3) publishes timely press releases about cyber actors and threat activity. These public service announcements include suggestions for keeping your systems more secure with regard to a particular threat activity.

FBI’s Internet Crime Complaint Center (IC3) publishes cyber actor and threat activity informational public service announcements. This May 2018 announcement reached numerous news outlets and warned of the havoc caused by hackers on routers and other network devices

The U.S. Computer Emergency Response Team (US-CERT), a division of the Department of Homeland Security, hosts a free automated indicator sharing service to exchange cyber threat indicators with the private sector. US-CERT also maintain a number of mailing lists and feeds to distribute alerts, analysis reports, bulletins, tips and current high-impact cyber security activity affecting the community at large.

Dive deep into further threat sharing resources


You may want to partner with other resources within your industry for additional threat information. Your company may have informal business relationships with other organizations. Leveraging these one-on-one relationships can be a solid way to share threat and vulnerability information. Your businesses may have similar technical needs, a similar customer base or your businesses may depend on each other, such as a supply chain partner. Chances are, if you or your supply chain partners were victims of a cyber attack, the impact would be felt across both organizations.   

Finally, keep up-to-date with information from security service providers.
  • The Cyber Threat Alliance, an independent, not-for-profit organization of cybersecurity providers publishes white papers and strategies on various cybersecurity topics. 
  • Microsoft Secure is a resource that focuses on cybersecurity topics through the lens of Microsoft.
  • Cisco Security provides threat information in addition to topics that are specific to Cisco devices.
  • The SANS Internet Storm Center is full of technical posts on malware and tactics, techniques and procedures (TTPs) of hackers.

If you want further information on a specific post from one of these sources, comment on it and you can interact with the author or other security professionals. Sharing information is one of the best way to help protect your company and your industry from malicious activity.

Analecta and the threat intelligence picture


Finding the right threat and vulnerability information sources can be overwhelming, but Analecta is here to help. Our experts can work with you to find the best fit for your organization’s needs and specific threat intelligence interests. Visit our Cyber Security website or email us at info@analecta-llc.com for more information.