Last Updated on February 23, 2023
If you’re looking at the latest cybersecurity solutions, associated with “categories/buzzwords” like attack surface management, digital risk management or cyber threat intelligence, you’ll probably note a fair bit of overlap among the categories—and across different vendors’ interpretations of the terms themselves.
How do these disciplines relate, and how are orgs exploiting the synergies between them?
To discuss cyber threat intelligence, including its relationship to other security tools, Raveed Laeb, VP of Product Development at Kela, joined a recent episode of The Virtual CISO Podcast. The show’s host is John Verry, Pivot Point Security CISO and Managing Partner.
Cyber threat intelligence answers the “What now?” questions
“In my perspective or Kela’s perspective, cyber threat intelligence tries to be a bit more holistic,” clarifies Raveed. “Intelligence is used to drive decisions by decision-makers,” clarifies Raveed. “Attack surface monitoring is another process through which you collect information that you can use to then do things. For example, maybe your attack surface management tool tells you that you have a bunch of servers exposing a specific service to the internet. That’s good to know. But knowing whether that’s something you should take care of, and when, is not something that’s really driven by the attack surface management—that’s driven by cyber threat intelligence. Because if you want to make a good decision, you need to know, okay, do bad guys care about these things that I exposed to the internet?”
Raveed adds: “Cyber threat intelligence is more all-encompassing. For example, cyber threat intelligence is a key component in doing things with the attack surface management findings. It’s also a key component in knowing what to do with digital risk protection findings. Also, it’s a practice of its own. So, we like to call what Kela does cyber threat intelligence, because we think that’s the general discipline. However, we have a lot of elements of attack surface management and digital risk protection. We just like to think of them as another byproduct or another deliverable of the broader cyber threat intelligence work.”
At the same time, Raveed acknowledges that there remains much disagreement among thought leaders on how these evolving solutions link up.
Ready to hear this podcast show with Raveed Laeb? Click here.
“Threat data” and “threat intelligence” are not synonymous terms: The Difference between Threat Data and Threat Intelligence—and Why It Matters