Threat intelligence complements security measures that are designed to detect and block threats by analysing threats out \u2018in the wild\u2019, studying the strategies of threat actors and assessing counter measures.\nThis intelligence can identify threats to specific security technologies, industries and geographies, and identify the effective countermeasures.\nIn short, it\u2019s not a case of one size fits all. Every organisation has its own unique data to protect and its own, unique set of applications and technologies that use and protect its data and support the operation of the business.\nWhen choosing a threat intelligence service, it\u2019s necessary to ask not just how good that service is at gathering threat intelligence, but how well it can understand your organisation, its vulnerabilities, the threats most likely to impact you, and the best means of countering those complex threats.\nSuch is the pace of change that a non-specific threat intelligence service could present masses of \u2018intelligence\u2019 not relevant to your organisation, creating an unnecessary and distracting burden on IT security staff, who already spend much time dealing with false positives.\nKaspersky ANZ General Manager, Margrith Appleby, says, \u201cThreat intelligence needs to be part of the very DNA of running your operation.\u201d She adds, \u201cA new approach is needed because like all forms of security, it\u2019s an ongoing effort; it\u2019s not something that you do once and then put to one side.\u201d\nWith the rise of remote working, the threat landscape changes constantly. Now in its 10th year, the annual Kaspersky\u2019s Global Corporate IT Security Risks Survey reveals that phishing attacks have become more targeted and diverse in their approach as a result of the pandemic. Phishing and social engineering attacks on customer accounts were the top challenges cited by half of SMBs (50%) and enterprises (48%), closely followed by concerns around attacks on branch offices (44% for SMBs and 42% for enterprises). The main worries for decision-makers were data protection (59%), ensuring compliance with security policies and industry regulations (42%), and the cost of securing increasingly complex technology environments (41%).\nIn general, data protection remained the most concerning IT security issue for 59% of respondents, followed by security issues of cloud infrastructure adoption and business process outsourcing (43%) and downtime \/ loss of productivity (42%).\nWhat to look for in a threat intelligence service\nCyber threat actors know no boundaries. They can be anywhere in the world and target your business wherever you operate. So the first requirement of a threat intelligence service provider is global reach because providers that focus only on a specific region might well leave you with a false sense of security.\nKaspersky\u2019s report of the activities of the highly prolific malware group Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a good example of the importance of global reach. Researchers behind this report have periodically seen cybercriminals\u2019 activities through the advanced persistent threats (APT) intelligence reports, and subscribers to that service already know this APT group has been operating without a break for the past four years.\u00a0This group has been active since 2013 but between June 2019 and June 2020 researchers found more than 1,000 victims in 27 countries.\nA good threat intelligence service should be looking inwards as well as outwards. Some of the intelligence most useful to your organisation comes from your own network. Data from intrusion detection and prevention systems, firewalls, application logs and logs from other security controls can identify patterns of malicious activity specific to your organisation. Good analysis can differentiate between a normal user and network behaviour abnormalities that can indicate an attack.\nIt is also important for information on threats to come with relevant context. Threat intelligence without context is simply data, and of limited value. Businesses need a threat intelligence service that can answer the question: \u201cwhy does this matter?\u201d\nTo reduce the burden on your cybersecurity staff of responding to threat information provided by a threat intelligence service, it\u2019s important to choose a service that also offers some integration with the security tools the business has already invested in.\nHelping you make the right choice\nThere are many choices, says Margrith Appleby. \u201cThe threat intelligence services market has become very competitive. The options are many, and complex. Choosing the service that\u2019s right for your organisation can be a challenge.\u201d\nKaspersky has more than two decades of experience in threat research. It employs a unique pool of global experts, its Global Research and Analysis Team (GReAT), empowered with advanced machine-learning technologies to detect even previously unseen cyberattacks and keep clients safe.\nGReAT operates at the heart of Kaspersky, uncovering APTs, cyber-espionage campaigns, major malware, ransomware and underground cyber-criminal trends across the world. This unique team comprises more than 40 security experts spread across Europe, Russia, the Americas, Asia and the Middle East. They bring unrivalled expertise, passion and curiosity to the discovery and analysis of cyberthreats.\nKaspersky also offers useful cybersecurity tools on its Threat Intelligence Portal. These enable you to check suspicious files, IP addresses, domains and URLs.\nThe leading cybersecurity firm\u2019s vast experience of threat intelligence has been gathered into a whitepaper called Evaluating Threat Intelligence Sources. It explains the key features to look for with this new threat intelligence service, and shows you how to find the one that\u2019s right for your organisation.\nDownload it here.