Cybersecurity Blog: The Cyber Scene is evolving, are you?

As a manager of a Security Intelligence Center (SIC), I can say firsthand that few things are more frustrating than investing in a cybersecurity product that fails to deliver what your security team truly needs to be successful when it comes to true situational awareness.


Breaches disclosed in the media foster conversations within organizations on how to protect critical assets and enterprise infrastructure. The loss of intellectual property, financial data and customer confidence has produced tangible evidence of an evolving threat landscape that, in turn, has elevated the conversation to the board room.

This cyber awakening has many organizations evaluating current security measures including tools and technology – and the options available in the market are endless!    

On May 11, 2016, I joined Greg Masters of SC Magazine for an evaluation of new cyber technologies in the marketplace. In my role as Chief Technologist for Lockheed Martin’s commercial cyber business, I’m focused on evaluating the latest trends in the market in order to advance our own defense strategies. 

In the following on-demand webcast, I analyze a variety of cyber technologies that can enhance your defenses including: Threat Intelligence Platforms, Security Operations (SecOps) Tools, Endpoint Detection and Response as well as User Behavior Analytics. 


Lockheed Martin Cyber Kill Chain® Prominent Component of NTT Group’s 2016 Global Threat Intelligence Report

This year’s Global Threat Intelligence Report (GTIR) provides organizations the data needed to disrupt attacks. Solutionary, an NTT Group company, partnered with Lockheed Martin on their 5th annual GTIR. 2016 is the first year the report included partners with the goal of an expanded view of the threat landscape, and more analysis of attacks, threats and trends from last year. The 2016 GTIR includes information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks, and 8,000 security clients across 6 continents.

The report uses last year’s attack information and the Lockheed Martin Cyber Kill Chain to highlight practical application of the Cyber Kill Chain and explain a comprehensive strategy to enable effective security across the entire organization.


Palisade® Threat Intelligence Management and Analyst Workflow Platform 3.5 Release

The Lockheed Martin product engineering team announces the release of Palisade® 3.5. The latest version of our threat intelligence management platform includes improved search capabilities, an expansion of our API, increased support of STIX™ files and CybOX™ objects, and the ability to automatically extract indicators from a block of text to easily add to your database.


The need for visibility, control and awareness now extends beyond your network.

There is an old adage: “loose lips sink ships”. Is your organization providing cyber-criminals information for free? You’d answer, “Of course not!” On the face of it, this question seems ridiculous to even ask. However, cyber-criminals are becoming more sophisticated. As an adversary’s tactics and strategies evolve, cybersecurity organizations need to be aware of the unwitting exposure of secure information on social media. This approach is on the rise and fast becoming the preferred strategy for many cyber-criminals to perform the “reconnaissance” step in the Lockheed Martin Cyber Kill Chain®.


“I give myself good advice, but I seldom follow it.” – Alice in Wonderland

In the threat intelligence space, vendors market threat feeds as a source of “good advice”. But are subscription-based threat feeds truly providing actionable intelligence? A challenge for any SOC operations manager is to determine whether their threat feed is really creating value or just a barrage of alerts that sends their analyst teams “down a rabbit hole”.


Corporate cyber attackers have a lot of advantages: job hunters, employees looking for Mr. or Mrs. Right, lazy screening of connections in apps like LinkedIn and Facebook, and our simple human quest to connect with others. Kind of makes you want to be antisocial, right?


Traditional security operations centers (SOCs) have done well in the past protecting against the traditional attacks, but in the threat landscape we face today, characterized by advanced persistent threats (APTs), a traditional SOC misses the mark. We now require a heightened level of security that brings intelligence analysis and knowledge management to the forefront. A security intelligence center (SIC) empowers organizations to address these threats before they cause harm, rather than merely reacting to them. If the data has been taken, a reaction will only do so much.


As previously discussed (TIP Defined blog post), a properly employed Threat Intelligence Platform can enable an organization to take a more effective approach to computer network defense. In this post we will delve a bit deeper into how a Threat Intelligence Platform (TIP) can act as a tool for incident response and investigations, becoming a central hub for SOC operations performing with an Intelligence Driven Defense® mindset.


As previously mentioned, one of the most important aspects of cybersecurity is intelligence. Fighting and defending against constant attacks without proper knowledge of who the attackers are and how and why they are attacking, and without an understanding of the characteristics that signal an attack, can lead to a massive data breach or disruption of service.
