Globally, the cyber threat level to organisations remains high, and the current situation only serves to highlight this further. To this point, any organisation with substantial gaps in its cybersecurity capabilities is operating at risk.
When the threat landscape changes, as it has now, we become more aware of the vulnerabilities that we have carried for some time and the need for better cyber threat intelligence (CTI).
Why we need cyber threat intelligence
Two major cybersecurity events of the past 12 months showcase the requirement for CTI in network security operations: the SolarWinds software supply chain attack, which broke at the start of 2021 and the Log4j vulnerability response process that occurred at the end of 2021.
Both of these incidents highlight the need to rapidly gain situational awareness, contextualise vast amounts of information being shared, and prioritise remediation of significant threats.
Looking specifically at Log4j, this is an open-source Java logging library developed under the Apache Software Foundation. Many software developers included it as a package to help with the journaling of activity by an application or online service.
In fact, it can be found in many of the devices and services we use every day. A software flaw was discovered that allowed remote code execution and information disclosure – and the rest is history.
Read the complete article here