BRI: 12 Essential Blogs from 2019
As avid advocates, practitioners, and all-around champions of Business Risk Intelligence (BRI), we at Flashpoint know education and awareness are fundamental as we continue to work toward our vision of a safe and secure world one step ahead of threat and risk.
So, amid our tireless efforts to produce actionable reporting and analysis, support customers’ efforts to build or expand their intelligence functions, and bring innovative new product updates and integrations to fruition, the thought leaders within our team have made considerable headway exploring the many facets of BRI.
As the year draws to a close and Flashpoint prepares to enter its second decade, we found it an apt time to share this retrospective highlighting 12 essential blog posts from 2019, with a focus on leveraging BRI to remain nimble and adept while navigating a threat landscape that continues to evolve:
“Data on its own, however, isn’t of much value to an enterprise security decision maker without some threads of context sewing it together to find a solution to a problem,” writes Mike Mimoso in this deep dive on the often-underappreciated distinction between raw data and actionable intelligence.
Business risk is foundational to Business Risk Intelligence (BRI), but it’s also commonly misunderstood because its scope extends far beyond that of a traditional security function. In this blog, Josh Lefkowitz offers an overview of financial, compliance, strategic, reputational, and operational risk, along with an exemplary walkthrough of how to assess each category of risk in a hypothetical scenario.
Over the past several years, Business Risk Intelligence (BRI) has grown from a little-known acronym into a widely adopted approach for defenders across all industries. In this blog, Chris Camacho shares some of the most common questions that come up when working with defenders.
“As we’ve seen with numerous breaches where attackers were able to leverage a weakness in a contractor or service provider, third-party risk must be assessed and mitigated,” writes Josh Lefkowitz. In this blog, he shares essential tips to help security decision makers more effectively address the risks posed by relationships with technology vendors.
Eric Lackey provides a step-by-step example of how the intelligence cycle can serve as a framework to help teams more effectively investigate, and mitigate insider threats by identifying knowledge gaps, collecting and analyzing information to address those gaps, and leveraging their findings to inform a course of action.
Proper intelligence requirements must be in place before data collection, analysis, and consumption of intel can happen. In this blog, Mike Mimoso shares advice on setting appropriate requirements tailored to your team’s needs and challenges.
Producing timely, relevant, and actionable intelligence at scale is integral to the success of an intelligence program, but it simply isn’t feasible for many organizations due to the extensive resources, bandwidth, and subject-matter expertise it requires. In this blog, Matthew Howell explains how the finished intelligence component of BRI addresses this capabilities gap, empowering teams with actionable insight into the threats that matter most.
Ian Gray explores the complex impact of planned shutdowns, exit scams, law enforcement takedowns, extortion attempts, and distributed denial-of-service attacks affecting underground communities. Such takedowns and disruptions have had a decentralizing effect on cybercriminal activity, driving a shift among some threat actors to encrypted chat platforms.
“As the reach of law enforcement and researchers within markets and forums expands, threat actors are finding somewhat of a safe haven within the encrypted channels of modern chat services platforms,” writes Mike Mimoso in this deep dive into why defenders need visibility into this booming frontier of cybercrime.
Ian Gray and Max Aliapoulios explain how insight into Joker’s Stash—the most notorious card shop on the cybercrime underground—can enable cyber threat intelligence and fraud teams to quickly identify and mitigate potential exposures.
Traditional incident response is a predetermined path for addressing and managing a network breach or incident, with the aim of keeping damage and expenses in check, and reducing recovery time. In this blog, Christopher “Tophs” Elisan explains why this approach is insufficient for dealing with increasingly targeted ransomware attacks.
Flashpoint’s Global Intelligence Team has a dedicated unit known as the Hunt Team that specializes in tracking down the newest threats emerging from illicit communities, enabling customers to be proactive about managing risk. In this blog, Christopher “Tophs” Elisan explores how his team helps customers address emerging cyber threats, threat-actor movement, and evolving tactics, techniques, and procedures (TTPs).