February 8, 2017 By Derek Brink 2 min read

We’re well into the new year, and you’ve resolved to keep yourself and your organization better informed about rapidly evolving threats, vulnerabilities, exploits, technologies, products and services related to cybersecurity. But how?

Keeping Up With Cybersecurity Trends

Here’s a snapshot of some of the many ways that security professionals are working hard to keep up with cybersecurity trends.

For many of us, efforts to stay informed about what’s happening in cybersecurity center around the lower-left corner of the above table. Our daily routine includes scanning our favorite news feeds, blogs, podcasts, social media posts and other informal, publicly available sources.

The fundamental challenge is to keep pace with the cybersecurity news cycle and maintain a high level of awareness about the latest cybersecurity trends and events in the never-ending battle between attackers and defenders.

Sources of Security News and Insights

When asked about their favorite sources of cybersecurity news and insights, security professionals offered some great places to start:

  • “I listen to The CyberWire podcast … It’s my go-to resource every day.”
  • “I listen to CyberWire, and the SANS Internet Storm Center. My favorite blogs come from reverse engineers across the entire industry, from independents to bloggers who work for the largest vendors. I also follow some favorites on Twitter, too many to mention.”
  • “A few times a day, I check in on the headlines at my favorite sites with Feedly, a fast and easy way to get the latest security news, which I’ve been able to optimize over time. My Twitter follows are curated to a core group of super sharp people who post security info and analysis that isn’t always in the mainstream. In a similar vein, LinkedIn news updates from colleagues are an excellent way to keep up with stories I may not have seen elsewhere.”

Formal Cybersecurity Analysis

For others, the need to stay informed is much more formal and structured, as in the examples found in the upper half of the table. For example, hands-on analysts in a security operations center needs the latest intelligence about active threats, vulnerabilities and exploits so they can quickly assess risks and take the most effective actions to defend, respond and recover.

These professionals value real-time visibility and intelligence about what’s happening, as opposed to news about what already happened. One fundamental challenge is learning how to share and collaborate more openly in what is a traditionally closed discipline. These professionals are also challenged to create and leverage automated mechanisms to efficiently share information without compromising confidentiality and trust.

When asked for resources related to these challenges, security analysts suggested the following:

  • “I subscribe to the daily email alerts from the U.S. Computer Emergency Readiness Team (US-CERT).”
  • “After reading the daily threat intelligence from the IBM X-Force Threat Analysis Service (XFTAS), I read up on what is being sent out by other cyber news organizations, what is being shared with us from the Information Sharing and Analysis Center (ISACs) and alerts from the IBM X-Force Command Centers.”

Whether informal or formal and regardless of the source, staying informed requires a committed, disciplined effort. This effort is essential to the cybersecurity professional’s dual role of technical expert and trusted advisor.

More from Risk Management

Working in the security clearance world: How security clearances impact jobs

2 min read - We recently published an article about the importance of security clearances for roles across various sectors, particularly those associated with national security and defense.But obtaining a clearance is only part of the journey. Maintaining and potentially expanding your clearance over time requires continued diligence and adherence to stringent guidelines.This brief explainer discusses the duration of security clearances, the recurring processes involved in maintaining them and possibilities for expansion, as well as the economic benefits of these credentialed positions.Duration of security…

Remote access risks on the rise with CVE-2024-1708 and CVE-2024-1709

4 min read - On February 19, ConnectWise reported two vulnerabilities in its ScreenConnect product, CVE-2024-1708 and 1709. The first is an authentication bypass vulnerability, and the second is a path traversal vulnerability. Both made it possible for attackers to bypass authentication processes and execute remote code.While ConnectWise initially reported that the vulnerabilities had proof-of-concept but hadn’t been spotted in the wild, reports from customers quickly made it clear that hackers were actively exploring both flaws. As a result, the company created patches for…

Researchers develop malicious AI ‘worm’ targeting generative AI systems

2 min read - Researchers have created a new, never-seen-before kind of malware they call the "Morris II" worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988.The worm demonstrates the potential dangers of AI security threats and creates a new urgency around securing AI models.New worm utilizes adversarial self-replicating promptThe researchers from Cornell Tech, the Israel Institute of Technology and Intuit, used what’s…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today