As cybersecurity professionals, we talk a lot about risk. In a world where only the most naïve would suggest that we can prevent all cyber-attacks, we must make sure we understand which cyber threats have the highest risk of becoming reality, and allocate our security resources accordingly. Indeed, this is a key use case for threat intelligence platforms, which help companies identify and understand threats in the context of their business. In our hyper-connected technology environment, if everyone does this effectively, cybersecurity standards will rise, and collective risk will be reduced.
However, cybersecurity performance varies significantly between companies, industries, and countries, which can result in uncontrolled cyber risk. This is particularly problematic when it concerns the digital networks of organizations supplying critical national infrastructure, finance and healthcare, and all the other sectors on which modern society depends. When a cyber-attack has the potential to cause a significant threat to life and disrupt the stability of society, the risk can’t be ignored.