Gartner Blog Network


My Threat Intelligence and Threat Assessment Research Papers Publish

by Anton Chuvakin  |  May 15, 2014  |  1 Comment

My threat-related research papers are published on Gartner.com. World, please welcome …

The first paper focuses on threat intelligence usage: “Threat intelligence has emerged as a key security control that helps organizations detect, triage and investigate threats. This assessment compares types of threat intelligence data and outlines common usage patterns.”

Select quotes follow:

  • “The time has come to invest resources into understanding and countering specific threats — a threat-centric approach will complement the existing preoccupation with vulnerability- and asset-centric security.”
  • “To make use of TI, the organization needs not just the tool, but also the entire capability that combines people, process and technology. Prepare to dedicate efforts and time to TI. As with many security technologies, the value you get from threat intelligence is related to the effort you put in.”
  • “Usage of threat intelligence adds value on all stages of the attack life cycle, enabling what some companies call “intelligence-led security.”
  • “Evaluate TI use cases. The organization should carefully evaluate all use cases for threat intelligence — both strategic and tactical — and select those that map to the needs and capabilities (and of course, maturity levels) of the organization.”
  • “On a high level, all security organizations can benefit from knowing more about the threats they face. However, given differences in risks and available resources, organizations may limit their involvement with threat intelligence at different levels of maturity.”

The other paper is centered around threat assessment: “The threat assessment process makes use of threat intelligence in order to determine which threats are relevant to an organization. It identifies threat types, specific threats and even explicit threat actors to include in risk management processes.”

Some fun quotes follow:

  • “Threat assessment is most critical to those organizations that must prioritize resource allocation for dealing with advanced and targeted threats.”
  • “IT security, physical security, fraud, legal, human resources, compliance and other internal groups all have valuable knowledge that may help coordinate efforts on some aspects of threat assessment.”
  • “Establish a repeatable threat assessment process that looks at threat capabilities and intents and then relates them to organizational resources, processes and personnel. Use threat intelligence to fill the gaps in your knowledge and visibility.”
  • “Factor threat assessment results and ongoing threat intelligence activities into risk management and security programs in general. Reliable intelligence on how and why threat actors attack a given type of organization should be used to optimize protection against those attacks or to deter them in the first place.”

Access to papers requires Gartner GTP subscription. For those without, see some of the related blog posts below.

Blog posts related to threat research project:

Previous posts announcing research publication:

Category: announcement  security  threat-intelligence  

Anton Chuvakin
Research VP
5+ years with Gartner
16 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio


Thoughts on My Threat Intelligence and Threat Assessment Research Papers Publish




Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.