As cyber threats become increasingly sophisticated, threat intelligence has proven to be a critical tool for businesses to defend themselves. At its core, threat intelligence refers to the collection, analysis, and dissemination of information on current or potential cyber threats that can impact an organisation’s digital assets. This data provides valuable insights into the identity, intentions, and tactics of attackers, enabling organisations to anticipate, prepare for, and effectively respond to cyber-attacks before they can cause significant harm.
What makes threat intelligence so powerful is its ability to transform raw data into actionable insights. By understanding the latest trends and techniques used by threat actors, businesses can strengthen their security defences, prioritise vulnerabilities, and deploy appropriate countermeasures to mitigate risks. This proactive approach helps organizations go beyond responding to attacks faster to prevent them altogether. In an age where data breaches, ransomware, and espionage are becoming commonplace, threat intelligence equips companies with a strategic advantage, enhancing their overall cybersecurity posture.
Among the top players in the industry offering intelligence solutions to bolster holistic cybersecurity strategies is Kaspersky. Over the years, the cybersecurity company has delivered solutions enabling businesses with the latest insights that will allow them to get a real-time view of the ever-evolving cyber threat landscape.
We caught up with Rashed Al Momani, General Manager for Middle East, Kaspersky, to discuss how the company’s threat intelligence solutions are empowering organisations maximise their security strategies and boost their cyber resilience.
Can you elaborate on the significance of threat intelligence in strengthening organisations’ cybersecurity? In what ways do Kaspersky’s TI offerings stand out from other players in the market?
Threat intelligence is vital in strengthening an organisation’s cybersecurity posture; it offers actionable threat insights for companies and equips them with the knowledge base to defend against serious cyber threats. One of our main strengths at Kaspersky is that we are comprised of experts with advanced skillsets. Having a talented group of analysts to work with 25+ years of threat intelligence research is truly invaluable because we are able to gain detailed insights that will help us determine the type of threats and possible origins. All encompassed in a fully-fledged Threat Intelligence Portal, Kaspersky offers a wide range of reliable and immediate threat-related analytical services, like crimeware analysis, APT tracking and threat attribution, ICS threats, and insights into threats originating from other sources, such as the dark web. Even more so, our threat intelligence is unique in that it covers and tracks threat actors from all around the globe, providing us with clear visibility from East to West, including key countries such as China, Russia, and the US. We take pride in our unmatched visibility, tracking a range of threat actors regardless of their origin or motivation.
How is threat intelligence applicable to different industries?
According to our researchers, cybercriminals, like APT groups, usually target a wide range of industries, both private and public. Some of the most targeted industries include governmental, diplomatic entities, telecommunications, healthcare, manufacturing, aviation, and more, all of which contribute significantly to the economic prosperity of a country or region. It is, therefore, crucial for these industries to be protected, and this is where Kaspersky’s insights make a real impact. We offer companies the visibility needed as to what tools, techniques, and procedures threat actors may be using to target the entity, industry, or company in which they are operating. For instance, a telecommunications company would have valuable access to analysis on threats that could be targeting their organisation, other telecommunications companies in the region, as well as the country they operate in. Both on a macro and micro level, highly detailed information on the risks associated with your organisation’s footprint allows security teams to create actionable insights and adjust security controls that help best protect the entity.
Data sovereignty is a significant concern for businesses in this region. How do Kaspersky’s on-premise solutions address this issue?
Data sovereignty is increasingly becoming a primary goal for companies and governments in the region as well as around the world. Kaspersky’s extensive portfolio addresses this concern seamlessly as we offer on-premises, cloud, and hybrid solutions for those companies that enjoy the efficiency and flexibility of the cloud. In addition, Kaspersky works alongside specific organisations and entities to meet the local data requirements and regulations put in place by the respective government.
What are the top emerging threats you’re currently monitoring?
At Kaspersky, our researchers are tracking about 19 threat actors that are actively targeting organisations across the META region. Our team keeps a close eye on any emerging threats in the region, and we have seen that the top targeted industries are government and diplomatic institutions, telecommunications, and finance. The threats posed to these industries are primarily driven by espionage and monetary gain, with APT groups employing a wide range of techniques to infiltrate their victims in the region. It is, therefore, imperative that we continue to investigate any emerging threats and their movement, publishing comprehensive reports on the Threat Intelligence Portal. Our Global Research and Analysis Team’s (GReAT) work is crucial for security teams and corporations across the region, enabling effective mitigation and remediation.
How are governments benefitting from Kaspersky’s extensive research to be able to combat organised crime in cybersecurity?
Governments most definitely benefit from our in-depth research, and we are working with local teams now more than ever due to the current geopolitical tensions that amplify attacks on governmental bodies. Kaspersky’s research enables governments and their security teams to understand the threat landscape in their region and stay ahead of cybercrime. Our work also helps law enforcement, both locally and internationally, to track down, disrupt, and prosecute threat actors. We truly believe that it’s crucial for governmental bodies and private companies to cooperate and share efforts in order to curb the growing threat of cyber-attacks on a regional and international level.
How is Kaspersky leveraging emerging technologies like AI and machine learning to enhance its cybersecurity solutions?
AI and machine learning have been integrated into Kaspersky’s solutions for more than 20 years. With more than 7 billion attacks being detected globally, these emerging technologies are crucial in order to analyse such a vast number of threats. They also allow us to empower our own learning. Like any other emerging technology, AI also has its drawbacks. We have been seeing cybercriminals leveraging technologies like AI and machine learning to create sophisticated phishing emails and even to produce malicious code. Kaspersky experts constantly evaluate the potential threats linked to emerging technologies and work on ways to help our customers be best protected.
Discussion about this post