By: Dr. Angela Orebaugh
A cyber threat landscape includes a collection of threats that are relevant to an organization’s assets, vulnerabilities, and risks. Every organization’s cyber threat landscape is different. To maintain resilience in the face of evolving cyber threats, organizations must understand the types of cyberattacks and attackers it faces.
An organization’s cyber threat landscape may include a range of threats such as:
- Ransomware
- Software vulnerabilities
- Denial of service, and floods.
The threat may originate from sources such as:
- Organized Crime Groups
- Nation-states
- Insiders
- Acts of nature
Consequences of a realized cyber threat include:
- Disclosure of information
- Unauthorized changes to data
- Loss of availability of an asset
An organization’s cyber threat landscape is ever-evolving with emerging new threats, changes in IT infrastructure, staffing changes, and new vulnerabilities. Additionally, innovations in areas such as mobile, cloud computing, and the Internet of Things are substantially changing the cyber threat landscape.
SHINE Systems would like to share these tips to help organizations adapt to a changing threat landscape and quickly respond to evolving, sophisticated threats:
1. Policy: Establish a threat management program that includes baseline knowledge of an organization’s systems and networks, a risk assessment, external threat feeds, and internal threat data collection.
2. Practice: Build cyber threat landscape awareness by analyzing internal and external threat intelligence information to identify trends, develop countermeasures, and inform decision making. Share information and collaborate with internal and external stakeholders.
3. Posture: Perform threat hunting to search for advanced threats that evade existing security defenses.
Minimize the time it takes to respond to a threat and minimize the impact of a realized threat by implementing a regularly tested incident response plan.
Realized cyber threats could affect an organization’s bottom line through a loss of productivity, increased costs, stock decline, loss of customers, and damaged reputation. Cyber threat impacts on critical infrastructure systems may lead to widespread damage to the Nation’s security, economy, public safety, and public health.
As the time to react to a threat reduces, organizations must be able to identify and mitigate threats proactively.
Organizations with a clear view of their cyber threat landscape can improve their resilience and ability to operate in the face of threats and attacks.
About the Author
Angela Orebaugh, Ph.D. is a technologist, educator, researcher, and author with a broad spectrum of expertise in information technology and security. She synergizes her 20 years of hands-on strategic and technical experiences within industry, academia, and government to advise clients on information technology and security strategy, management, and technologies.