Menu

My Experience Creating a Small and Medium Business Threat Intelligence Website

0 Comments


If you read this post, chances are:

  1. you’re curious about my portfolio piece, or
  2. an entrepreneur interested in small and medium business threat intelligence.

If you’re curious about my portfolio piece…

…well then I’m excited to be able to share it with you.

In the interest of full disclosure, I completed this project with a team member. I created the website while he completed background research on small and medium business threat intelligence.

I’ve never been in a program that had me create professional-level content. So, I’m thrilled that this MS in Cybersecurity and Information Assurance is providing me that opportunity.

This portfolio piece was fun to make and I was able to learn an incredible amount from the experience.

Small and medium business threat intelligence website >>

Goals

Actionable threat intelligence is vital in a business’s security portfolio. Thus, we felt it important to provide small and medium business threat intelligence they can use to protect their small companies.

Our goal with this website is to provide actionable small to medium business threat intelligence. This way, CEOs will be better equipped to harden their systems and protect their company assets.

Steps Taken to Create the Site

The threat intel site was built off an existing cybersecurity website. I installed a plugin to handle membership and making certain content public vs private for already registered individuals.

Then, pages were built to house the functionality of this new offering. One was built to function as a landing page and a second to link users to the industry-related blog posts they might benefit from reading. Then there were other pages for registration, account information, lost password, login and the actual site for displaying threat intel.

These pages were added onto a secondary menu only visible from the SMB main page. This way, users that arrive to the SMB home page can have direct access to the pages they need and nothing more. Similarly, users that arrive to the site for other content would not see information on threat intelligence that does not pertain to them.

Resources used “behind-the-scenes” to build and maintain it

As with most self-hosted websites, there are quite a few moving parts behind the scenes. Web hosting, security updates, social media plugins, and theme updates, as well as database and backup maintenance. Behind the scenes, there is a plugin handling most of the user registration information as well as what pages and posts are accessible to everything versus what content is available only to registered and logged in members.

I take time to maintain a blog on the site to gain traffic and spread awareness of cybersecurity across all audiences. Consistently made blog content will help the website rank better for Google and therefore gain organic traffic. This may result in more members signing up and using threat intel to protect their SMBs.

Our screening process for incoming data

As one might imagine, this was the most difficult step. It took days of consistent searching for samples of threat intelligence websites and services that would be pertinent to our audience but still simple enough to understand in case the SMB owner does not have access to a security professional yet.

Most companies offer threat intelligence reports with daily updates as a paid service, though their sites offer a unique benefit in that they are compatible for use with their current security programs.

In the end, we chose to keep the information we provide simple to keep it actionable and prevent intelligence overloadAs stated earlier, a unique characteristic of SMBs is that they likely do not yet have the budget to hire a security expert, whether they are in-house or as external consulting. Therefore, since most of our users will be attempting the DIY method, the simpler the intelligence, the higher the chances will be that they will use the intel and develop sound plans around it.

How The Service Will Operate

Our small and medium business threat intelligence webpage will be available for free with registration to the site. Registration requires a username, name, and email address as well as setting up a private password to protect the account.

Protections have been put in place so that two IP addresses cannot be logged on to the same account simultaneously. This will ensure that everyone accessing the intel has registered with us. Having an accurate count on our users will:

  • help guide our future development on the site and
  • ensure that we allow enough resources to keep the page running given the number of users accessing the intel across the globe.

Lessons Learned and Results

Our threat intel site was very well received by the community. Despite only being live about 5 days, our threat intel website has had a full 50 individuals sign up. Due to this warm welcome, we are considering our project to be a success.

However, there are certain improvements we wish to make soon. At present, our threat intel has to be input manually. Although it only takes a minute or two, we would like to be able to automate the daily update.

Furthermore, we would like to be able to widen the scope of where we obtain our data. Certain government programs provide intelligence for security specialists and business owners to keep up to date on current cyberthreats. Two examples are the Department of Homeland Security’s (DHS) Automated Indicator Sharing and the FBI InfraGard Portal.

However, access and membership to those two particular programs require filling out an application and passing a vetting process so we were not able to manage it in one month. This government data would hopefully be more reliable and up-to-date than anything we would be able to find on our own as cybersecurity students.

Through this project we learned just how invaluable threat intel is to SMBs and yet just how rarely it is sought out and acted upon. It was encouraging to see so many individuals signing up so quickly after the site’s launch. To us, it is a positive sign that threat intel is starting to be taken seriously among website owners.

InfraGard.org >>

Department of Homeland Security’s (DHS) Automated Indicator Sharing >>

 

As a small business owner, are you implementing cybersecurity for your startup? If not, check out these 4 easy tips to help you begin - today!

If you’re an entrepreneur interested in small and medium business threat intelligence

That’s great! It means that cybersecurity is on your mind – and it definitely should be.

But how should you go about protecting yourself? After all, there is so much information out there. Just type “best cybersecurity practices to follow” into Google and you’ll get about 26,500,000 results.

But that’s the problem with information.

Information is:
  • unfiltered,
  • unverified, and therefore,
  • ultimately unactionable.
And intelligence is a pivotal aspect of an information security program.

Threat intelligence particularly can be a fundamental aspect of a well-rounded information security program.

Without threat intelligence, your security program is limited to reacting to attacks you’ve already fallen victim to. Or perhaps even worse, implementing strategies without a clear vision of how those work together to harden your systems.

I say the latter is worse for several reasons.

  • The tools and techniques you are implementing may not be the most efficient for the type of assets you are wishing to protect
  • You may be implementing strategies that won’t effectively protect you given the current malicious agents across the globe.
  • Which means that you may be wasting your cybersecurity budget on methods that won’t keep you from falling victim to a cyber attack.

Threat intelligence identifies threats cropping up across the globe and can be tailored to your industry or target of choice.

Threat intelligence not only identifies threats cropping up across the globe, but it can be tailored to your industry or target of choice.Click To Tweet

Threat intelligence should be used to:

  • Identify potential threats to your organization
  • Think creatively about ways in which a cybercriminal may combine old and modern attacks to penetrate your system
  • Identify which of your unique assets are particularly compromised given the current landscape
  • Prepare threat models for hardening your system both offensively and defensively

Needless to say, small and medium business threat intelligence is vital to securing your company and forming a successful information security program.

To visit the small and medium business threat intelligence site >>

1 thought on “My Experience Creating a Small and Medium Business Threat Intelligence Website”

Leave a Reply

Your email address will not be published. Required fields are marked *

8 Shares
Share4
Pin3
Share1
Tweet
Share
Share
Reddit
Flip
Vote
Pocket