Cyberthreat intelligence may mean something slightly different depending on whom one talks to, but the growing movement to aggregate disparate historical and real-time data to identify obfuscated or never-before-seen attacks is impossible to ignore.
In this interview, recorded at the 2014 RSA Conference, Dave Shackleford, founder and principal consultant at Roswell, Ga.-based Voodoo Security, discusses the two emerging types -- crowdsourced threat intelligence and predictive threat intelligence -- and how each is being used to thwart potential attacks.
Despite the rapid progress being made by threat intelligence vendors and service providers, Shackleford admitted that organizations in certain verticals aren't yet getting the depth of information to meet their needs.
"I think really what that speaks to is the immaturity of the market space," Shackleford said. "A lot of these threat intelligence vendors are new and upcoming, and they haven't figured out how to narrow it down to the applicability of each organization."
Shackleford also discussed the extent to which outsourcing or open source intelligence gathering can be utilized, particularly for enterprises just getting started with threat intelligence, and the benefits of using tools like Shodan and the Active Defense Hardware Distribution to gather threat intelligence data.