Cyber Threat Intelligence for understanding threats

THE SCENERY

The data presented in the latest Clusit Report show that the first half of 2017 was the worst ever for cyber security, confirming an inexorable upward trend from 2011 to today: any organization, regardless of size or sector of activity, is concrete risk of suffering a significant cyber attack within the next 12 months. This in the face of ICT security investments still quite insufficient compared to the market value of ICT goods and services.

Cybercrime, today, is characterized by attacks aimed at extorting data and money. The media hype that has been created on the subject of security helps companies to become more aware of the risks to which they are subject. Very often, however, attacks are perceived as actions by international criminal organizations, forgetting that sometimes a company’s security flaws arise from design errors and security management that can not be resolved by simply identifying the appropriate technology. We need governance, skills and strategy, even more so today that digitalization extends the attack and risk surface. Almost everyone has thought about the protection of PCs and laptops, but only a few companies have installed advanced security systems on their employees’ smartphones that represent a very large attack surface.

It is therefore necessary to develop a new model of investments in cyber security, adapted to real threats. The answer can be found in the Security by Design approach, that is to think about security already in the design phases of an application or a digital service.

Therefore, we must not abandon Digital Transformation or, on the contrary, renounce security in order to have more advanced or innovative features: the real challenge is to integrate security into systems, applications and digital services without precluding usability and experience from users.
To be safe and protected, a company must follow a series of rules and processes that are not limited to the implementation of technological solutions but enter into the personal sphere of the behaviors and habits of employees and collaborators.
Therefore, we need to think in terms of prevention that declining methods and technologies tailored to the different needs of each company that depend on its nature, the business model, the organizational structure, the awareness of people.

THE LUTECH APPROACH

The heart of Lutech’s value proposition is based on some pillars: “solid" Security Engineering based on knowledge and the ability to integrate the best technologies in the field of Cyber Intelligence, Breach Monitoring, Incident Response.
Lutech’s Cyber Threat Intelligence offering provides customers with the support needed to understand consolidated and emerging cyber threats, offering cyber threat detection, analysis and monitoring services.
The activities of Intelligence, performed outside the Customer’s infrastructure, on the information channels in the visible, deep and dark web, are aimed at collecting the data necessary for the development of information, in some cases even preventive, relating to Cyber Crime. and Fraud Activity, able to support our clients in strategic decision-making and management processes.
Also the service of Breach Detection & Incident Response of Lutech (L-BDIR) realizes the monitoring of infrastructure security through the detection and analysis of anomalies in network traffic and execution of application processes, in order to identify, evaluate and responding to external and internal threats to servers, endpoints, mobile devices, applications.

Through the use of cloud-based and on-premise technological and service components, L-BDIR collects data and information from the various technologies present in the Customer context and / or offered by Lutech. The detection and response to threats are structured on the model of the “Cyber Kill Chain", with a view to modeling and keeping under control risk scenarios; and to mitigate or remedy the compromise of systems, applications and data, thus reducing the impact on the customer’s business.

Furthermore, the integration with the Cyber Threat Intelligence services makes the most up-to-date information to the controls and the platforms that can actively use them immediately be activated.

Lutech CSIRT Team