Insight by KPMG

Cyber threat strategy must begin with intelligence

You can’t have cybersecurity threat mitigation unless you have threat intelligence – the sum of data gathering and analysis designed to help network operators and IT staff understand threat vectors and characteristics.

Participants in a recent Federal News Radio panel discussion explored how the threat environment is changing and how federal agencies are tying together data from what’s going on with strategies for stopping threats before they turn into damage or pilfered data.

Cyber Threat Analysis and Tools

Basically, any evidence-based knowledge we can get from any source is what we use to analyze. That’s working with other intelligence agencies, DoD joint force headquarters for cyber defense, and our own cyber operations center. And vendors…often they detect cyber threats and report them to us.

Risk Management and Automation

One of our strategies in terms of our cyber program is to automate as much as possible…leveraging cybersecurity automation, orchestration strategies, particularly at the cloud level. We’re looking to address today’s cyber threats in real time, free up our analysis time – valuable human resource time – to address more advanced threats than currently face the federal government. We’re looking to leverage artificial intelligence, blockchain…[and] machine learning technologies.

Supply Chain and Insight into the Future

As we get more folks recruited into the cybersecurity industry… don’t necessarily need to have a technology degree to be successful in cybersecurity, especially if you’re in the threat intelligence and analysis world. It’s more about … a natural curiosity and trying to diagnose what a situation might be. As we all work in this industry we need to collectively do a better job of elevating the conversation up to more of a risk-based conversation instead of a technical bit-and-byte conversation.

 

Listen to the full show: