Cyber Threat Management (CTM) is an advanced management program enabling early identification of threats, data-driven situational awareness, accurate decision-making, and timely threat-mitigating actions. CTM includes:
- Manual and automated intelligence gathering and threat analytics
- A comprehensive methodology for real-time monitoring, including advanced techniques such as behavioral modeling
- Use of advanced analytics to optimize intelligence, generate security intelligence, and provide situational awareness
- Technology and skilled people leveraging situational awareness to enable rapid decisions and automated or manual actions
Cyber threat actors could be financially or socially motivated hackers, disgruntled employees, organized criminal gangs, competitors or state actors. Some of these actors are well trained and will sustain a campaign over weeks to months to achieve their goal of data theft or damage. A well-organized CTM program is needed to detect and stop these threats.
Examples of cyber threats observed on networks and computers include suspicious network activity, malicious code, viruses, Trojan horses, rootkits, unauthorized data transfers, phishing attacks and exploited vulnerabilities. A well-run CTM program stops these threats before a large-scale data breach or widespread asset damage can occur. Targeted malware and Advanced Persistent Threats (APTs) use multiple phases to break into a network, avoid detection, and harvest valuable information over the long term.