image
For those in the industry, it comes as no surprise that many cybersecurity programs have been impacted by loss of revenue during the pandemic. From cutting tooling and feed budgets to reduction in staff, it’s been challenging at best. In a recent SANS 2021 survey, “Threat Hunting In Uncertain Times,” we were shown that 11 percent of organizations have had their threat-hunting and intelligence programs impacted by the pandemic, with 12 percent of the organizations polled stopping their hunting programs altogether. With ransomware affiliate actions on the rise and organizations constantly under the target of business email compromise (BEC) scams, this is a horrible time to be stuck with a shrinking budget. In light of this, we’re going to go through some broad suggestions and checklists for how to do 80 percent of what you need to do on the cyberintelligence front, at just 20 percent of the typical cost for an enterprise program. Wrap in Open-Source Resources Luckily, as security vendors have matured the capability of enterprise products, so too has the maturity of community projects grown. Couple those free and open technologies with the dedicated time of an analyst or researcher, and you have a viable alternative for a low-budget team. Stress must be placed on viable in this case, and it’s important to note that you should bring up with your leadership the fact that managing your own tooling comes with the price of human hours. Many of the free and open-source tools are not…

Source