
Gauge your Network's threat IQ with Intelligence.

Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.

These are challenging times for security leaders. Business pressures require faster processing of more data, and support for more devices than ever before. Critical data that used to be housed in a secured datacenter now moves across an increasingly complex ecosystem of networked environments, including IoT, cloud, mobile devices and workers, and virtualized networks. The rate of change in some environments is so rapid that many organizations simply can’t keep up. A recent Forrester survey of 342 security leaders found that the largest cybersecurity challenge for CISOs is adapting to ‘the rapidly evolving nature of cyber threats’. This is followed by the need to secure cloud workloads and services, and having to manage and secure their increasingly complex IT environment.

With these concerns, it's no wonder that the top priority for CISOs is improving operational efficiency. But where do you start? Do you load more security products onto an already overburdened IT staff? After all, the survey shows that organizations that have never reported a security breach have adopted ten to twenty-five percent more security tools than those that have been recently compromised. But that strategy is difficult to maintain, especially when organizations are also dealing with a growing shortage of skilled cyber security professionals. Isolated security products need a lot of attention, and a lack of integration with other devices and management tools means that your team will need to spend a lot of time orchestrating policies and hand-correlating threat data.

The answer is threat intelligence. In fact, in that same survey, 78 percent of those organizations that have never experienced a breach plan to adopt a threat intelligence platform that provides insight into attacker methods and indicators of compromise. The fact is, CISOs who properly combine a technology-driven security strategy with effective threat intelligence are better prepared to successfully defend their organizations.

Here are some suggestions for businesses that want better intelligence about the cyber threats and cyber attacks targeting them:

Automate Your Security
Many organizations still use human workers to do security tasks that can be done better by automated, intelligent security systems. Automating many security functions has many advantages. Chief among the benefits: Automated systems can respond more quickly to sustained and intense attacks. Automation can reduce costs, complexity, and errors. Networks can adapt to security demands in the blink of an eye. Automation can help your cybersecurity team build proactive security that can respond immediately to potential threats.

Intent-based security that can recognize threats or problems and can also understand the reason behind something will be critical to thwarting automated attacks with automated security. When an intent-based system learns from past experience, it can take the proactive actions prescribed by your company’s cybersecurity team without the need for direct human intervention. While some organizations fear a loss of control when they move much of their security response to an automated system, good automation still gives your security employees visibility into the process. Without taking these trusted steps, we will never be able to move ahead and will continuously fall behind an ever-growing attack curve. A portion of that trust lies in the quality and calibre of threat intelligence employed by automated systems.

Automated systems also give your security team more time to work on other issues. As my colleague, James Cabe, says, automated systems free your IT workers from ‘baby sitting technology’ to become data scientists. This especially helps in an era where we have a shortage of cyber security professionals.

Share Cyber Threat Information
Business organizations and governments have been talking about the need to better share more cyber threat information for several years, and I know this can be easier said than done. Sharing cyber threat information with other organizations certainly requires a high level of trust, but the benefits are many. Timely information sharing between organizations can help them recognize future cyber attacks and improve their defenses. By sharing information, organizations can build proactive defenses by working together against cyber criminals. In 2016, Fortinet witnessed the benefits of information sharing first hand as part of a joint operation that helped INTERPOL and the Nigerian Economic & Financial Crime Commission uncover the head of an international criminal network. Many businesses can join an ISAO (Information Sharing and Analysis Organization) or ISAC (Information Sharing and Analysis Center), which are groups focused on sharing threat intelligence relevant to specific industries.

The Cyber Threat Alliance, of which Fortinet is a founding member, is a not-for-profit organization led by expert security organizations automating the exchange of real-time indicators. This is a good example of how security experts can use automation to exchange threat information that translates into actionable security controls. One of the keys to successful information sharing is the speed of the process. A common critique of many information sharing services is that they are slow and unreliable. Organizations involved in information sharing systems should work to ensure that cyber threat data is quickly shared and immediately useful.

Don't Just Collect Threat Intelligence, Use It
Information sharing is a great step forward, but organizations need to go beyond sharing information to the next step: acting on it. Threat intelligence from other groups needs to be integrated with the data collected inside your own organization. Security tools are effective when they all work together to gather information from many sources, correlate it, and then give insight about your own threat environment.

This turns into actionable information that you should convert into policies that cover all your traditional networks, including public and private clouds, endpoint devices, and IoT systems. Businesses need a strategy for converting threat intelligence into action and they need to act quickly on the information received from other companies and from their own internal security systems. Today’s digital businesses need security tools designed to operate at the speed of business. These few steps are a good start to gauge your network’s threat IQ and increase your capabilities to protect against the next lurking cyber attack.