With the Cybersecurity Information Sharing Act (CISA) the feds are trying to make it more attractive to share threat intelligence, but it won’t do much to help businesses deal with the high cost of sorting through what can be an overwhelming flow of possible security incidents and find which ones need to be checked out.
And deciding what data to share, what threat intelligence feeds to subscribe to and what tools are needed to turn potentially valuable information into action takes sizeable resources, experts say.
“They really have to put some bodies on it,” says Scott Crawford, information security research director for 451 Research, and that can be expensive, putting in-house analysis beyond the reach of many organizations. But some of the sorting and aggregation can be automated with threat intelligence platforms, he says, from vendors such as BrightPoint Security, ThreatConnect and ThreatStream.
Read the Full Article: Source – CSO Online
Browsing Privacy: (CSO Online) – CISA won’t do much to turn threat intelligence into action