How Cyber Threat Intelligence Safeguards against today’s Threat Landscape

As the overall cyber threat environment continues to increase in complexity, it’s becoming more and more difficult for organizations across every industry to adequately protect
themselves. Within this landscape, organizations are looking for more advanced and innovative strategies to help them proactively respond to the latest malware being leveraged by hackers.

Enter cyber threat intelligence, a proactive way to guard against emerging threats that’s becoming a more critical part of IT


Experts and real-world use cases alike show that the tools traditionally employed – including legacy firewall and antivirus systems – simply cannot keep up with the expanding threat landscape:

  • (ISC)² reported that 65 percent of federal government administrators don’t believe organizations could pinpoint and address an ongoing cyber attack.
  • Threats abound in the retail sector as well. A study from Tripwire discovered that on average, it takes nearly 200 days to detect an advanced threat hiding in the network supporting a retail business.
  • In 2017, DDos attacks replaced advanced persistent threats (APTs) as the third most significant threat, according to SANS 2017 Threat Landscape Survey.
  • Cyber crime damage costs are expected to hit $6 trillion annually by 2021.
  • There were more than 1,579 reported data breaches in 2017, a 44.7% year-over-year increase.

These conditions are requiring new strategies for network security, particularly as cyber protection continues to rank among business leaders’ top priorities. This is where cyber threat intelligence comes in, helping to bridge the gap between emerging threats and organizational security.


According to Gartner’s Rob McMillan, cyber threat intelligence can be defined as knowledge about an emerging threat that can be leveraged to better direct an organization’s response to that
particular hazard. This knowledge can come from several evidentiary sources, including certain context clues, indicators, conclusions and actionable guidance.

This evidence-based approach can help an organization better identify suspicious behavior that may point to the presence of a threat, allowing the IT team to quickly respond and remediate the threat. This prevents the company from having to rely on outdated threat definitions that previously would allow certain dangers to slip through the cracks undetected.

“Cyber threat intelligence, when used correctly, can help defenders detect attacks during – and ideally before – these stages by providing indicators of actions taken during every stage of the attack,” SANS Institute analyst Dave Shackleford wrote.

Threat intelligence solutions analyze data pertaining to attacks and vulnerabilities across networks to identify weak points and attack vectors as they emerge. In the current threat landscape, this type of approach to end-to-end protection is absolutely invaluable. With cyber threat intelligence in place, organizations are better equipped to battle the newest threats and ensure the protection of their most important assets.


From the Wannacry cyber attack to the Equifax credit reporting breach, it is clear hackers are getting more sophisticated in their attack methods. Organizations need to be proactive and implement security tools to better protect their network and sensitive information.

Thankfully, there are solutions out there that can not only protect your network at the gateway but also provide additional protection against unknown and emerging malware threats and zero-day exploits. Untangle’s cyber threat intelligence cloud-based service, ScoutIQ™ proactively scans all networks—including encrypted traffic—for various threats and malware, provides continuous threat protection by aggregating data from NG Firewall deployments worldwide, and synthesizes data from industry-wide threat intelligence services.

By inspecting data at the metadata level, ScoutIQ is able to better inform the protection offered by NG Firewall, ensuring that the network is guarded against even the newest, emerging threats. Untangle’s NG Firewall
solution combines unified threat management with policy management tools to enable organizations to monitor, manage and shape internet traffic.