A triptych of experts share insights and advice about cyberthreat intelligence sharing, plotting a security strategy and safeguarding data against attacks.
While reporting on a recent article about building a cyberthreat intelligence sharing program, understanding the dangers of the dark web and other tactics to protect health data, we asked experts to divulge their best practices.
Aetna CISO Jim Routh, who previously worked in financial services, offered his advice, as did Bob Chaput, CEO of Clearwater Compliance, and Dan Wiley, who heads Check Point Software’s incident response and threat intelligence work.
Routh focused on cyberthreat intelligence sharing. Chaput homed in on keeping health data safe from attackers. And Wiley took the wide view with tips for establishing a lasting security strategy.
Routh’s 5 best practices for cyberthreat intelligence sharing:
1. Share information about topics of interest with all security intelligence providers, recognizing that there are many commercial and free sources of security intelligence.
2. Different sources uncover different information. Cultivate multiple sources for better results.
3. Some of the best intelligence comes from peers, so share information with ISACs, ISAOs and vendors.
4. Ensure that some of your sources are active in the dark web and apply economic analysis to behaviors of criminal syndicates that use the dark web.
5. Intelligence activities take time, so be patient and choose trends and topics for the long term.
Chaput’s 6 tips for guarding health data against cyberthreats:
1. Regular and continual workforce training and awareness on cybersecurity threats.
2. A solid Cyber Risk Management Program established from the top down.
3. Keep current on application and operating system patching.
4. Establish a Cybersecurity Incident Response Plan and Team.
5. Regular testing for Indicators of Compromise (IoC).
6. Join and actively participate in an ISAO to learn best practices and recent events from a peer group.
Wiley weighs in on plotting a cybersecurity strategy:
1. Have a plan and test it; don’t think you won’t have an incident, because you will at some point.
2. Make sure you invest in security controls to protect against evolving threats.
3. Walk the delicate balancing act of managing security costs against the ticket for an incident.
4. Be prepared from a legal, media and business impact point of view.
5. Develop a way to consume the intelligence you receive and make it actionable: Context is key to intelligence.