Threat intelligence is often spoken about as being a key pillar of cybersecurity. But what is it and why is it so important?
In our latest #TechTalk, John Lambert, Distinguished Engineer and General Manager of the Microsoft Threat Intelligence Center (MSTIC), explains how, while all organizations work to manage their security risks in cyberspace, these risks become threats when combined with malicious intent. The goal of threat intelligence is to give organizations context and awareness about the online threats they face and to help them prioritize their responses.
Cybersecurity threats reflect the geopolitical contests, competitions and conflicts occurring in the world, John explains. This means that many organizations face threats from adversaries seeking to cause financial, reputational, or even geopolitical damage. Microsoft studies the most significant threat actors in order to understand the techniques they use, and to build defensive measures into the services offered to customers. Every month Microsoft blocks around five billion attacks – including malware attacks and phishing emails, as well as more targeted threats – by tracking and limiting the actors behind them.
John also discusses how the use of artificial intelligence (AI) systems, which can be taught to detect and respond to cyberattacks, is speeding and scaling up Microsoft’s defensive efforts. However, he also warns of the new cyber-challenges that the same technology can bring, particularly in relation to the manipulation of image and speech patterns to spread disinformation via ‘deep fakes’.
In order to respond to the growth and sophistication of cyberthreats, John argues that organizations facing common threat actors need to work together far more proactively and share information to be able to anticipate and defend against common threats. At the same time, individuals can help protect themselves more thoroughly by better managing their passwords and credentials.
Watch the full #TechTalk below:
- Interested in learning more about the Microsoft Threat Intelligence Center (MSTIC) and their work? Read about their latest update on the Microsoft Security Blog.
- Read more about the work Microsoft is doing to disrupt cyberattacks from a threat group we call Thallium: Microsoft takes court action against fourth nation-state cybercrime group