It became very obvious through sessions and conversations during the recent RSA Conference that threat intelligence is “the new black” when it comes to security management. Much like the “APT” marketing term abused during Blackhat 2011, the unfettered use of the term “threat intelligence” being flung around at conferences, in marketing collateral, and across the Internet requires a reality check.
Threat intelligence sharing has become the `new black’ in the world of enterprise security, a trendy buzzword that has become ubiquitous in a variety of vendor marketing pitches. But what exactly is threat intelligence sharing and how can enterprises take advantage of it to defend against cyberattacks?
While there are many paths available —customer-to-vendor, vendor-to-customer, customer-to-customer, vendor-to-vendor—the core of threat intelligence sharing is typically information gathered from the customer by the vendor in order to help the customer respond to threats or attacks.