Researchers at Carnegie Mellon's Software Engineering Institute (SEI) released a study on Monday identifying the best practices and major challenges organizations face concerning cybersecurity. With funding from the US Office of the Director of National Intelligence, the report highlights what the best organizations are doing to protect themselves digitally.
Digital security is more important than ever as hackers and criminals gain more and more access to cheaper, sophisticated tools making it simpler to breach security systems. SEI's report is an in-depth exploration of what a cross section of organizations are doing to address cybersecurity concerns.
Here are the four best practices for cyber intelligence in business from the report.
SEE: Information security policy (Tech Pro Research)
1. Understand your gaps
First and foremost, cyber intelligence researcher Jared Ettinger wrote in the report, organizations that are performing well know their digital landscape very well, taking note of any and all assets, people, intellectual property, patents, business units, and data.
But going deeper than that, these businesses understand any gaps or holes in their security and work "to focus on the who and why of a threat," the report said. "They consider threat actors, motivations, and capabilities, and they map that information to known vulnerabilities and assets threat actors may target. These organizations know what critical assets they have, and what their competitors don't have."
Another point these successful employers focus on is actually speaking with the employees who work on sensitive projects, in order to gain a better understanding of how to protect these projects, the report said.
2. Take advantage of new tech
Ettinger wrote in the report that high performing companies are using new technology to back their digital security efforts, including machine learning and advanced computing to "revolutionize" cyber intelligence. By giving less difficult tasks to artificial intelligence (AI) programs, security officers have more time to address serious concerns.
3. Hire a diverse cyber defense team
In their interviews with cybersecurity team members and leaders, many stressed the need for intelligence teams stocked with curiosity, critical thinking, analytical minds, and strong interpersonal skills.
"New hires don't necessarily need to know the tools from the start, but with a passion to learn, critical thinkers can become extremely skilled at using them to get the right information quickly," the report said.
4. Cultivate source networks
Relationships built throughout the cyber intelligence industry help in identifying hacking trends and available security resources. Often the best advice comes from outside of an organization, and contacts may help in verifying hacks or other information, the report noted.
The study also took note of challenges businesses face in address cyber intelligence issues. The biggest issue revolved around dealing with members of a business' upper management, who often are not tech savvy and question the return on investment for robust digital security efforts.
"Organizations have shared with us their difficulties in framing cyber intelligence as producing a return on investment when decision makers see cyber intelligence as cost avoidance," Ettinger wrote in the report.
Cyber intelligence teams are often dealing with organizations that view cyber threats as a minimal concern and often appoint people without technical backgrounds to senior cybersecurity positions.
"We have recently met with organizations whose cyber intelligence teams have not briefed their boards about cyber threats in years," Ettinger wrote. "We have also met with cyber intelligence teams that are buried in layers upon layers of bureaucracy, making it hard for them to get the right data to the right of level of leadership in a timely manner."
According to the study, a company's leadership must understand that a cybersecurity team can potentially stop threats from actors specifically interested in their technology and can help businesses avoid millions in losses.
The big takeaways for tech leaders:
- According to an SEI study, the most successful businesses are hiring diverse teams of cybersecurity experts to address digital threats and lapses in defense.
- The SEI report says cyber intelligence teams have difficulty getting through to business leaders who do not view digital threats as serious concerns or are buried under bureaucracies that make it difficult to report cyber threats to the necessary people.
- [5 Questions Executives Should Ask Their Security Teams] (TechRepublic)
- Security vendors need to stop doing more harm than good (ZDNet)
- [Cheat sheet: Two-factor authentication] (TechRepublic)
- Phishing alert: Hacking gang turns to new tactics in malware campaign (ZDNet)
- Why hiring more cybersecurity pros may not lead to better security (TechRepublic)
Jonathan Greig has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Jonathan Greig is a freelance journalist based in New York City. He recently returned to the United States after reporting from South Africa, Jordan, and Cambodia since 2013.