Cyber Threat Intelligence
Halodoc is a health-tech platform that aims to simplify access to healthcare by leveraging technology and ensuring seamless and convenient access to a comprehensive health ecosystem. As a health-tech platform, security of Halodoc’s information system is paramount and required to be managed systematically, hence in the effort to strengthen our Information Security Posture, Halodoc have been implementing Cyber Threat Intelligence to improve the overall visibility from the present and the potential threats that targeting Halodoc Ecosystem.
What is Cyber Threat Intelligence
Before deep-diving into Cyber Threat Intelligence, it is good for us to read this well-known quotes from Sun Tzu a Chinese military general, strategist, philosopher, and writer who lived during the Eastern Zhou period where he is traditionally credited as the author of The Art of War, an influential work of military strategy that has affected both Western and East Asian philosophy and military thinking.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles”
So Cyber Threat Intelligence is actually trying to follow the same principle in the context of cybersecurity where defenders need to know their weaknesses and understand on how the attackers operate to allow organizations having better understanding into the present or future threats by collecting, analyzing and classifying cyber threats information and context that will provides :
- An actionable vision to identify, measure and rank vulnerabilities to mitigate the cyber risks.
- An Insight into the latest threat trends on the cyber threat landscape to develop situational awareness for organization.
To simplify our understanding, let us also use this following example on how we can formulate “Information” and “Context” as the Intelligence data.
- Information : Data, names, places.
- Context : Dates, times, assets, infrastructure, locations, employees, behaviors, targets.
- Intelligence : Combining Information with Context that allows us to piece together a narrative that directs, or guides an organization to action.
Why is Threat Intelligence Important ?
Threat Actors are becoming more and more sophisticated in exploiting cybersecurity gaps. This is why threat intelligence is increasingly essential to protect the digital infrastructure and assets of the organizations which enable us to make faster, more informed, and change the organization behavior from reactive to more proactive in the fight against the threat actors as well as thoroughly understanding the threat landscape which will allow organization to accurately identify and prioritize risk and implement the right tools and techniques to respond the threats.
Types of Cyber Threat Intelligence
The following table outlines the common types of Threat intelligence that is split into three main areas which will offer context, attribution, and action that enable the solid foundation for building a Security Operation Center (SOC).
What Is a Threat Intelligence Platform (TIP) ?
Knowing where to find the threats is becoming increasingly difficult as threat actors use diverse channels which oftentimes operate through the surface web, deep web or dark web, hence organization will rely to the Threat Intelligence Platform (TIP) which has the main capability to leverage multiple data sources for collecting, organizing, analyzing, and visualizing the information about security threats, vulnerabilities, and attacks that relevant to the organizations and Internal SOC team will only focus to investigate security data and prioritize the exploitable vulnerabilities instead of dedicating time and resources to collecting and managing the Threat Intelligence data.
There are several TIP products in the market that you can see on this following gartner link and herewith the sample Master Dashboard Menu of the TIP that has been implemented at Halodoc.
Threat Intelligence Platform (TIP) Use Cases
Cyber Threat Intelligence solutions can be used in a wide variety of ways, hence it is important to identify the potential use cases that suit our organization's needs. Herewith the use cases that have been implemented in Halodoc by leveraging one of the commercial Threat Intelligence Platform (TIP).
Conclusion
Cyberattacks on all businesses are becoming more frequent, targeted, and complex which are not only disrupting the business operations, but it may also cause the reputational damage to the organizations. Hence, nowadays businesses should consider implementing Cyber Threat Intelligence to improve the overall visibility of the Cyber Threats. Leveraging Threat Intelligence Platform (TIP) is one of the best ways to consider where this platform can collect the information about cyberattacks from various sources to protect the organization and weaken the damage probability of the present and the future cyberattacks.
References
https://crowdstrike.com/cybersecurity-101/threat-intelligence/
https://cyble.com/cyble-vision
https://en.wikipedia.org/wiki/Sun_Tzu
https://gartner.com/reviews/market/security-threat-intelligence-services
https://socradar.io/what-is-strategic-cyber-intelligence-and-how-to-use-it/
Join us
We are always looking out for top engineering talent across all roles for our tech team. If challenging problems that drive big impact enthral you, do reach out to us at careers.india@halodoc.com
About Halodoc
Halodoc is the number 1 all around Healthcare application in Indonesia. Our mission is to simplify and bring quality healthcare across Indonesia, from Sabang to Merauke. We connect 20,000+ doctors with patients in need through our Tele-consultation service. We partner with 3500+ pharmacies in 100+ cities to bring medicine to your doorstep. We've also partnered with Indonesia's largest lab provider to provide lab home services, and to top it off we have recently launched a premium appointment service that partners with 500+ hospitals that allow patients to book a doctor appointment inside our application. We are extremely fortunate to be trusted by our investors, such as the Bill & Melinda Gates Foundation, Singtel, UOB Ventures, Allianz, GoJek, Astra, Temasek and many more. We recently closed our Series C round and In total have raised around USD 180 million for our mission. Our team works tirelessly to make sure that we create the best healthcare solution personalised for all of our patient's needs, and are continuously on a path to simplify healthcare for Indonesia.