April 23, 2019 • Zane Pokorny
A question: What time of day do cyberattacks happen most frequently?
If you don’t know the answer, that’s okay — neither do we. When thinking about how to optimize your security practices, it might not even be a helpful question to ask. In one university study, four test computers set up with weak security were attacked 2,244 times a day, or every 39 seconds on average. At that frequency, does it really matter whether a few more attacks are happening at 5:00 in the afternoon or 8:00 in the morning?
The job of security professionals today is no easy thing. We have to contend with cyberattacks occurring increasingly often, across a widening threat landscape that includes a growing number of insecure internet-of-things (IoT) devices. And there’s a persistent, and worsening, skills and experience gap in the industry, meaning these problems cannot be resolved by simply hiring more people. Effective security today requires scaling up with automation, working more efficiently, asking the right questions, and having the tools to answer them — fast.
One of the greatest values of threat intelligence is that it provides the context needed to do exactly that — ask the right questions and get meaningful, actionable answers. Questions of how to prioritize alerts and sort out false positives, determine whether a data breach affects your organization, and more can all be answered with the right threat intelligence, but it only matters if you can get access to that threat intelligence fast enough to do something about it.
That’s why we’re releasing our new mobile app as a feature of our Core and Advanced license offerings — to arm security professionals with the threat intelligence they need to make informed decisions quickly, no matter where they are or what time it is.
The unfortunate truth is that cyberattacks do not come on any convenient schedule, but happen at all hours of the day or night. But whenever they do come, response time is often critical down to the minute. Security professionals are not automatons, however (not yet, anyway). Everyone has to take care of basic human needs like eating, sleeping, or just not being on the clock for every waking moment.
Sometimes, that means a critical alert is going to pop up at an inopportune time. Evaluating that kind of alert takes research, which requires resources that are usually not accessible without a computer. The Recorded Future mobile app provides immediate access to threat intelligence, right in your phone.
In the app, you’ll get access to all the research you need on the go. That includes not only research from our own Insikt Group — everything from their flash reports and threat actor summaries to in-depth research — but also your custom analyst notes. Analyst-On-Demand reports you’ve ordered also appear right in the app, alongside constantly updating cyber news.
The mobile app includes the following features:
We’re constantly improving the app to make it an even more invaluable resource for Recorded Future clients. One of the most significant of these will be alerting. Through the app, you will be able to receive priority alerts as push notifications on your phone, allowing you to then take action or immediately assign them to team members. Alongside direct access to threat intelligence through Intelligence Cards, you’ll be able to quickly triage and prioritize alerts, too.