The course is part of this learning path
Threat management and unified threat management (UTM)
Previously, in 'Risk: Key terms', you looked at the key terms and associated issues of risk issues in the context of cyber security.
Now, it's time to look at some solutions to those issues you have identified, which come under the heading of threat management.
A new category
Threat management is a relatively new approach to cyber-defence that describes a variety of technologies that work together to address the range of threats to the endpoints, gateways, information in the cloud or data on users’ own devices.
Some vendors call this unified threat management, or UTM, but please, make sure you know what your vendor means when they say UTM, as it can have a slightly different focus depending on the provider.
Threats, as you know, come from a variety of threat actors, such as criminals, journalists, and foreign nation state groups, all of whom will use the full range of attacks and exploits to break into your network.
These threats may be targeting different aspects of your business, be it the endpoints, servers, networks or even employees interacting with social media systems. Your threat management strategy also needs to consider internal actors, such as existing employees who could damage the system, either accidentally or deliberately.
The three principal types of controls are Administrative, Technical and Physical.
Administrative security controls refer to policies, procedures or guidelines that define personnel or business practices in line with the organisation’s security goals.
- Incident response procedures
- The security training and education programme
- Process for staff background checks and security clearance
Technical controls are ways you’ll use technology to reduce vulnerabilities in hardware and software.
Examples of technical controls would be:
- Antivirus and Anti-Malware Software
These controls are actual tangible protections against unauthorised access.
Examples of physical controls include:
- Closed-circuit surveillance cameras
- Security guards
- Locked doors
Different from risk management
Threat management is different from risk management because motivation is not important to the threat manager, so even if the risk is low, it's still taken seriously.
You can see that threat management seeks to achieve a comprehensive, multi-faceted and integrated security system, which takes into account diverse threats and weaknesses, in order to offer a more holistic security solution.
Next, you'll explore the main security risks: big data, the Internet of Things, the dark web, and social media.
In this course, you’ll be looking at numerous aspects of the risk matrix including the risk and threats involved in big data, the Internet of Things (IoT), the dark web and social media. You'll also be exploring threat intelligence, unified threat management (UTM), and security risk. You'll also see how you can use open-source intelligence (OSINT) and Dark Web Threat Intelligence to help you establish, improve and refine your risk treatment. All of this ensures that your organisation is protected from and alert to the constantly evolving series of information security threats.
However, before you go on to threat management, let's first review risk and see how it relates to cyber security.
A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.