February 8, 2017 By Derek Brink 2 min read

We’re well into the new year, and you’ve resolved to keep yourself and your organization better informed about rapidly evolving threats, vulnerabilities, exploits, technologies, products and services related to cybersecurity. But how?

Keeping Up With Cybersecurity Trends

Here’s a snapshot of some of the many ways that security professionals are working hard to keep up with cybersecurity trends.

For many of us, efforts to stay informed about what’s happening in cybersecurity center around the lower-left corner of the above table. Our daily routine includes scanning our favorite news feeds, blogs, podcasts, social media posts and other informal, publicly available sources.

The fundamental challenge is to keep pace with the cybersecurity news cycle and maintain a high level of awareness about the latest cybersecurity trends and events in the never-ending battle between attackers and defenders.

Sources of Security News and Insights

When asked about their favorite sources of cybersecurity news and insights, security professionals offered some great places to start:

  • “I listen to The CyberWire podcast … It’s my go-to resource every day.”
  • “I listen to CyberWire, and the SANS Internet Storm Center. My favorite blogs come from reverse engineers across the entire industry, from independents to bloggers who work for the largest vendors. I also follow some favorites on Twitter, too many to mention.”
  • “A few times a day, I check in on the headlines at my favorite sites with Feedly, a fast and easy way to get the latest security news, which I’ve been able to optimize over time. My Twitter follows are curated to a core group of super sharp people who post security info and analysis that isn’t always in the mainstream. In a similar vein, LinkedIn news updates from colleagues are an excellent way to keep up with stories I may not have seen elsewhere.”

Formal Cybersecurity Analysis

For others, the need to stay informed is much more formal and structured, as in the examples found in the upper half of the table. For example, hands-on analysts in a security operations center needs the latest intelligence about active threats, vulnerabilities and exploits so they can quickly assess risks and take the most effective actions to defend, respond and recover.

These professionals value real-time visibility and intelligence about what’s happening, as opposed to news about what already happened. One fundamental challenge is learning how to share and collaborate more openly in what is a traditionally closed discipline. These professionals are also challenged to create and leverage automated mechanisms to efficiently share information without compromising confidentiality and trust.

When asked for resources related to these challenges, security analysts suggested the following:

  • “I subscribe to the daily email alerts from the U.S. Computer Emergency Readiness Team (US-CERT).”
  • “After reading the daily threat intelligence from the IBM X-Force Threat Analysis Service (XFTAS), I read up on what is being sent out by other cyber news organizations, what is being shared with us from the Information Sharing and Analysis Center (ISACs) and alerts from the IBM X-Force Command Centers.”

Whether informal or formal and regardless of the source, staying informed requires a committed, disciplined effort. This effort is essential to the cybersecurity professional’s dual role of technical expert and trusted advisor.

More from Risk Management

2024 roundup: Top data breach stories and industry trends

3 min read - With 2025 on the horizon, it’s important to reflect on the developments and various setbacks that happened in cybersecurity this past year. While there have been many improvements in security technologies and growing awareness of emerging cybersecurity threats, 2024 was also a hard reminder that the ongoing fight against cyber criminals is far from over.We've summarized this past year's top five data breach stories and industry trends, with key takeaways from each that organizations should note going into the following…

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

How TikTok is reframing cybersecurity efforts

4 min read - You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.Global Bug Bounty program with HackerOneDuring Cybersecurity Month, the social media…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today