Posted September 18, 2014
1. You have no services or tools monitoring for potential threats outside of your network perimeter.
Firewalls and other security devices – even UTM – can’t protect organizations against today’s threats, because there are no silver bullets. With the rise of mobile tablets and apps, remote employees, and BYOD, the network perimeter is no longer static. Organizations need to take a layered approach and use data obtained from beyond the perimeter to understand the nature of threats to predict when they will happen and how they may be impacted so they can better prepare for them.
2. You allow employees to bring their own devices to work, but you do not have resources to enforce BYOD policies.
A study from uSamp revealed that 41% of employees have used unapproved cloud-based services to store documents, even though 87% of those employees knew that their employers prohibited it. Without monitoring in place for information that escapes your perimeter controls and data protection software, you might not find out that employees are exposing confidential and proprietary documents until it is too late. For example, earlier this year an employee of Microsoft was found guilty of giving trade secrets to a French blogger, who posted them on Twitter and the web. Monitoring paste and post sites to find these leaks before the press finds them can save you from a PR nightmare, or the risk of the information getting into the wrong hands.
3. You don’t think you’re at risk for a data breach.
According to the Verizon Data Breach Investigations Report, criminals stole 174 million data records from 855 different incidents in 2011 alone. In a similar report, the Ponemon Institute surveyed 56 organizations and found that those companies suffered from 102 successful attacks per week. If these sophisticated organizations that have extensive security budgets are still being breached, chances are your organization is susceptible as well.
4. You currently purchase several different tools to monitor Open Source Threat Intelligence (OSINT).
Adopting one cloud-based tool that will meet all of your OSINT needs can save time and money. First, using a cloud-based solution eliminates the need for costly hardware and software maintenance or onsite devices. In addition, storing data in one place eliminates the need for your employees to constantly update multiple databases, and makes it far easier for teams to collaborate, especially when you have multiple locations or remote employees.
5. Your security, risk, and compliance staff shares tools with your marketing team.
Most marketing-specific tools that analyze OSINT only provide data that’s useful to marketers, such as mentions, interactions, and demographic information. While this information can be incredibly useful for marketers when making strategic business decisions, it will not help your security team predict whether a threat actor is targeting your organization next. Tools specifically designed to give your security, risk, and compliance teams the information that they need can arm them against threat actors and help prevent or fix the aftermath of an attack.
If any of the above scenarios sounded a little too familiar, you may wish to consider a security–focused, cloud-based intelligence tool designed specifically for security, risk, and compliance teams. Find what matters, fast.
Learn more about the Cyveillance Cyber Threat Center and get your free trial.