The Sixth Ocean: The Age of Threat Intelligence
BY CHUCK MACKEY, SENIOR SECURITY CONSULTANT, MCPc
The idea of a sixth ocean came to me from an InfoSec associate, Chris Roberts, White Hat Hacker and Researcher. He contends that we no longer have five oceans...we have six. Chris points to estimates that at the onset of 2020, world data crossed the 40+ zettabytes threshold. By 2025, we will generate about 1/2 ZB per day. PER DAY.
Zettabyte is a multiple of the unit byte for digital information. The prefix zetta indicates multiplication by the seventh power of 1000 or 10²¹ in the International System of Units. A zettabyte is one sextillion bytes. The unit symbol is ZB. A related unit, the zebibyte, using a binary prefix, is equal to 1024⁷ bytes. -- Wikipedia
Chris: "Each of us on this planet (on average) produces approximately 2MB of data PER second…yet, we analyze less than 1%, we tag around 3% and there’s an argument to say around 30-40% of ALL of it is useful -- IF -- we could get our arms around it."
Ah...the big IF.
He continues: "(Data) has been compared to oil insofar as value, yet we hand it over, share it and discard it like there’s not tomorrow…"
So, our sixth ocean is data. And it is overflowing. Sadly, just as with the other five oceans, we disrespect its power, usefulness, and magnitude. We treat it like it was our own to do with as we choose. Mostly, we ignore it.
To use Chris's metaphor, we pollute it and we do not take proper care of it. What little we do use is "traded in a frenzied assault on humans."
"We have no REAL clue what’s in it. We cannot contain it to any real degree. Worst of all, we don’t have a plan to fix the problem."
We are doing to data what we have done to oceans, societies, culture. Use, abuse, forget. We have learned very little in our progression to and through the Digital Age.
What About Search? Isn't That Useful?
Search has been a powerful and productive means for getting information. But to discern it? Create immediate value? Provide beneficial insight? No. It is all about 'analytics' now. Structured and unstructured data analysis. Tailoring down data to find that secret sauce that will motivate YOU to buy, vote, buy...
Think about it. What do you see more often these days? Stories about the value of data search or stories about compromised data? Fine, if you are in Marketing, maybe the former. But the rest of us...nope. I just read a story about 100+ Google plug-ins that are used for creepy stuff. Lots and lots of creepy stuff. (https://www.cybertalk.org/2020/06/22/you-really-dont-want-these-browser-extensions/) But a diatribe on the evils of Search are for another article.
Enter the Realm of Threat Intelligence
If you are thinking that TI is exclusively about spies, it is not. Certainly, activities such as Counterintelligence (CI) have been around for centuries and, yes, spies, too. Nations have entire agencies, facilities, and people that have been actively engaged in TI and CI for a long, long time. They even have health insurance and retirement programs.
However, TI has aggressively moved out of the spy game and into the corporate office. Any "Big M" marketing department has some type of TI program, although I would hardly think they refer to it in that way.
I posit that it is Threat Intelligence where true meaning, value, and application of data can be harnessed. Not just to ward off threats, but to understand the world around us more deeply and holistically.
The Application of TI in the Everyday World
Below are several use-cases for TI that are already providing relevant, meaningful insight to those organizations that know how to "boil an ocean." While not an exhaustive list, it should get you thinking about how TI can fit into your organization.
Cyber Threat Monitoring:
- Targeted DDOS
- Zeroday attacks
- Leaked Credentials
- Leaked Code
- Hacking discussion
- Negative sentiment
- Positive sentiment
- Review bombing
- Fake brand accounts
- Impersonation watching
- Negative sentiment
- Violent threats
Bad Actor Monitoring:
- Violent threats
- Fake news
- False claims
- Stolen accounts
- Stolen credentials
- Knockoff sales
- Stolen good sales
As you plan for and budget your IT, IT Security, Cybersecurity, Marketing, Supply Chain, Customer programs, consider the growing opportunity to leverage Threat Intelligence. Thoughtful consideration about TI can ultimately lead to better decision-making around all these operating issues...and help clean up the ocean of data.
Chuck Mackey, MCPc's Senior Security Consultant
Chuck Mackey is a Senior Security Consultant responsible for helping client organizations assess, develop, and implement effective cyber security programs. This includes performing risk mitigation assessments, developing cybersecurity roadmaps, developing policies, and aiding organizations in the implementation of strong Governance, Risk, and Compliance (GRC) programs. Additionally, Chuck works directly with clients to develop, assess, and implement Business Continuity Management and Disaster Recovery programs. He has over 25 years of experience in IT Security working in a variety of industry verticals, including non-profit, healthcare, financial services, and manufacturing. Chuck has also held senior roles in IT, IT Security, and Data Protection.