To know when it will start raining, we check the weather app. To find out if there are any traffic jams, we check Google maps. To find out which companies are buzzing, we look at real-time stock quotes. But where should we go to get a real-time overview of cyber security news, threats and incidents from around the world?
This question is what drove us to develop the KPMG Cyber Trends Index. We explain our vision on cyber intelligence, highlight the currently existing gaps in the availability of comprehensive intelligence and discuss various ways in which we have seen the Cyber Trends Index being used in industry, where the users vary from technical security analysts to C-level executives.
The World of Cyber Security
Although cyber threats are real and their impact can be devastating, the media frequently portray a gloomy picture of cyber security, creating a culture of excessive fear. Yet, the reality is that cyber criminals are not unbeatable masterminds, and while they can inflict serious harm to your business, you can take actions to defend yourself against them ([Barl14]). You will never achieve 100% security, but by treating cyber security as a “business as usual” risk, your organization can be prepared to combat cybercrime. With relevant, comprehensive and timely cyber security intelligence, you will be able to achieve the goal of safeguarding the organization and making risk-based investments.
For many, however, this is not always easy to obtain. The world of cyber security tends to be cryptic due to its specialist character and technical jargon. In addition, it is difficult to distinguish between the primary, pressing issues and secondary, less severe occurrences ([Herm14]). Nevertheless, this cannot be an excuse to devolve the issue to specialist professionals. The board, management and employees must become more aware of the cyber security risk and their input and effort is needed to sustain the future of an organization. For that, they must know what is cooking in the cyber kitchen – in understandable language, graphics and interpretation.
“War is ninety percent information”
Napoleon Bonaparte
The famous French general did not even live in the information age, and yet he recognized that most of his military success was having the right information ([Hadn10]). When you are battling for a cyber-secure environment, obtaining real-time information can be of similar importance to your business. As management, you want to know what is happening around you. A breach at the neighbors could indicate that you can be next – while an upcoming technology could solve one of your long-lasting security problems or indicate another new threat. As a security specialist, you want to stay up-to-date on new vulnerabilities or events that you want to take action on.
In our vision, cyber intelligence and the insight that it brings are at the heart of Cyber Security 2.0. The vital need for real-time information about threats, incidents and trends for every organization is what drove us to develop the KPMG Cyber Trends Index (hereafter; CTI), and to make it freely available at https://cyber.kpmg.com.
The CTI provides this real-time overview of buzzing cyber news, trends, threats and incidents from around the world. One look at the Cyber Trends Index and you will be up-to-date on the latest information security developments, incidents and emerging threats. By providing actionable intelligence, the CTI allows you to take action on the latest threats, and make optimal use of new technologies and trends in the market. Having real-time threat information can make the difference in taking preventive actions when a new threat is emerging.
Using the Cyber Trends Index
We have seen various ways in which the Cyber Trends Index is being used in industry, where the users vary from technical security analysts to C-level executives.
At a large IT Service Provider, the CTI is used as a tool to update management and senior staff on developments within the cyber security space. A weekly to biweekly look is taken, primarily on the graphical representation of trends and threats. Because of the high degree of news correlation and visual trend information, this suits this organization’s need for abstract yet informative intelligence. The trend lines and points of view are the most prominently used features – giving an overview and interpretation of recent news.
”I visit the CTI pages frequently and recommend it in my constituency. Although I consult multiple resources each day, this dashboard stands out for its user friendliness, speed and accessibility for non-security professionals thanks to the simple yet adequate classification.”
Chief Security Officer of large IT Service Provider
In several Security Operations Centers (SOCs), the Cyber Trends Index has been spotted on one of the screens, next to news sources like CNN or Tweakers.[Tweakers.net is an online news outlet focused on technology.] They take frequent looks at the CTI, and mainly focus on the news feeds. Here, the timeliness of the news is the most used feature of the site. In addition, the possibility to read the full news article enables the SOC analyst to immediately dive into the details of any newly published vulnerability.
Within KPMG, the Cyber Trends Index is used to create overviews of recent developments in various industries. In order to be able to provide our clients with an up-to-date overview of risks and incidents that are specific to their sector, the CTI sector filtering feature is used.
While we recognize that the tool serves various audiences with different purposes, we do note that the desired level of abstraction can differ from one organization or person to another. Obviously, customized threat intelligence with a personal dashboard will provide a closer fit to the individual needs than a publicly available website can offer. Nonetheless, for many organizations the CTI already provides a reasonable degree of relevance. Only if the value of abstract – but real-time – threat intelligence comes to the surface, an investment in custom tooling should be considered.
Cyber Security 2.0
Like we noted earlier, Cyber Security 2.0 is the world of intelligence-based cyber risk management. It is the world in which adequate management of cyber security risks not only helps in being in control, but will also induce strategic advantage. In this world, technology is a key factor – and innovation in technology grows faster than one can imagine. The Netherlands has even become one of Europe’s leading technology hubs ([Egu15]). To harness this power, KPMG in the Netherlands is creating ecosystems with start-ups and young tech companies in order to move the industry forward with intelligence-based solutions.
The CTI has been developed together with the Dutch technology firm Owlin, a young company aimed at developing real-time data analysis solutions. The combination of KPMG’s cyber security insights and Owlin’s proprietary algorithms yields a tool that continuously tracks and scores news patterns from public sources (such as news sites, press releases, reports, magazines, forums, etc.) and presents them in an understandable manner.
Technology also induces the always-on mentality, where everyone wants to be up-to-date anywhere and anytime. The newly released Cyber News and Trends app (iOS/Android), the mobile app version of the Cyber Trends Index, contains an additional notification feature that is being used by those who want to have a real-time warning in case of a disruptive event. The Cyber Security 2.0 world, where threat intelligence is available cross-platform and provided by dedicated algorithms, is taking shape.
Conclusion
Technology will change as the (cyber) world keeps on developing: what is protected today might not be secure tomorrow. Therefore, it is essential to stay up-to-date with the latest cyber news, threats and incidents from around the world and learn how to embrace and act upon them in your daily operations. With this step into threat intelligence tooling, we are unlocking the potential of big data analysis on news articles for comprehensive cyber insights. By means of the openly accessible Cyber Trends Index, we contribute to making the world of cyber security more tangible and easier to understand – and we provide you a way to stay ahead of the game.
References
[Barl14] S. Barlock, T. Buffomantie and F. Rica, Cyber security: it’s not just about technology. KPMG, 2014.
[Egus15] C. Egusa and S. Cohen, The Netherlands: A Look At The World’s High-Tech Startup Capital, TechCrunch, 2015.
[Hadn10] C. Hadnagy, Social Engineering and Nonverbal Behavior Set, Wiley, 2010.
[Herm14] J. Hermans, Cyber security, a theme for the boardroom, KPMG, 2014.