When it comes to sharing threat intelligence with one another, organizations tend to play the game differently. Some prefer to play the “secret squirrel game,” where attribution is something so sacred that names of actors can only be whispered behind closed doors. In other cases, data is bought on the dark underbellies of the Internet and then sold back to organizations as threat intelligence. For others, like the Agari Cyber Intelligence Division, information is shared amongst trusted individuals who can use it to stop cybercrime and bring criminals to justice.

Human resources departments are the epitome of task ownership, carefully and efficiently connecting an organization’s needs with that of its employees. Employees in HR are tasked with recruitment, onboarding, and employee relations, and oftentimes handle payroll and benefits. Because of their wide reach, threat actors are now turning their attention to this organizational pipeline as they continue to evolve their employee-to-employee attack vectors.

Marriott Hotels, Dunkin Donuts, even the House GOP. During the final quarter of 2018, a host of high-profile data breaches and cyberattacks have made major headlines.

Some stemmed from business email compromise (BEC) scams, spear phishing campaigns, or other advanced email threats. Others are expected to help fuel such attacks in the future. A few might see somebody fight back through innovative, active defense measures.

Subscribe to ACID