MARCH 14, 2014
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
A Look at the Mobile Cybercriminal Underground

Security for Home Users
Checking Out the Security of Messaging Apps

Security for Business
The Enterprise Fights Back: Building Threat Intelligence



Security for Business

The Enterprise Fights Back: Building Threat Intelligence

Because information remains a key target for threat actors, enterprises and organizations will unfortunately continue to be likely targets.”



Protecting confidential company data or “crown jewels” is viewed as a top challenge by many enterprises and organizations. Because information remains a key target for threat actors, enterprises and organizations will unfortunately continue to be likely targets. But they can use clues to serve as indicators of ongoing or future attacks.

The Importance of Threat Intelligence

Threat intelligence refers to information related to the tools, tactics, and procedures (TTPs) attackers use to carry out campaigns. Targeted attacks can be detected earlier though, reducing the risk of data exfiltration, with good threat intelligence.

Gathering threat intelligence can be internally and externally done. Internal threat intelligence refers to gathering information by an enterprise’s own threat intelligence group. The information this group gathers should be passed on to the security team, which will implement security policies. External threat intelligence gathering, meanwhile, requires the participation of third parties that offer security deliverables like reports on new campaigns and threats.

Any kind of threat intelligence though will not mean anything if it’s not interpreted by knowledgeable human analysts. These analysts process and make sense of network logs and data. They can suggest strategies to deal with any kind of security threat that their enterprises may encounter, including targeted attacks.

Threat Intelligence and Targeted Attacks

Despite the different techniques and malware targeted attack campaigns use, early detection is still possible with the help of consistent indicators. This is the reason why reports on known targeted attacks are useful for identifying indicators of compromise (IoCs), together with other sources like data feeds and reports. Threat intelligence on current and previous campaigns can also be used to come up with defense solutions.

For more information on helping your organization with the fight against targeted attacks, read “The Enterprise Fights Back (Part IV): Building Threat Intelligence.”

Copyright ©2014 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: