Are Human necessary to Cyber Threat Intelligence?

Given the increasing financial and reputational costs of breaches, an organization can no longer overlook human aspect of Cyber Intelligence

The customary approach to organizational security involves usage of a variety of processes and tools to carry out incident management, infrastructure network defense, and threat management. Threat intelligence makes it possible for enterprise to gain an advantage over the adversary.

Intelligence gathering is generation old but the same is not true for cyber threat intelligence which is relatively a new development. The major Threat Intelligence types are:

  • Signals Intelligence (SIGINT)
  • Open-source Intelligence (OSINT)
  • Geospatial Intelligence (GEOINT
  • Financial Intelligence (FININT
  • Tech Intelligence (TECHINT)
  • Market Intelligence (MARKINT)
  • Cyber Intelligence (CYBINT)
  • Human Intelligence (HUMINT)

The most obvious but neglected type of intelligence is Human Intelligence (HUMINT) which is gathered using interpersonal skills and communications. Most organizations usually invest in perimeter and data security technologies to protect their infrastructure but forget that that their people resources i.e. employee too can be target of Cyber Criminals. Today cyber criminals may give less value to the infra and more value to employee web attributes like surfing patterns and web behavior and make cyber profile possibly to enter a corporate network.

Cyber attackers try hundreds of cyber-attacks to gain privileged access within an enterprise network to launch final attack. Cost of a Cyber breach now runs in millions of dollar and so carrying out hundred trails is possibly like a lottery and a cost effective option. Most of the enterprise gives less attention to the weakest link in cyber security chain which is employee behavior like opening malicious email attachments, setting easy passwords, leaving security controls open and providing information to the cyber thieves which they are looking to launch an attack.

Given the increasing financial and reputational costs of breaches, an organization can no longer overlook human aspect of Cyber Intelligence. Organization today should transform employees from a hacker target to frontline cyber defense channel.

A cyber intelligence is all about the who, what, where, when, why and how behind an cyber incidents and cyber-attacks and thus HUMINT can be used to support strategic and tactical cybersecurity implementation  & actions and would be a more able complement and supplement to CYBINT. Human interaction can be used as a tactical defense tool as well as effective threat hunting medium.

The biggest weaknesses are not necessarily found within applications and systems, but can be people who use them and so they can be transformed into their biggest strengths. It is high time for the organizations to hire Cyber HUMINT professionals to take care of possible cyber dangers that are looming in the future.

The author is CISO at Ujjivan Small Finance Bank

Leave a Reply

Your email address will not be published. Required fields are marked *