Threat intelligence has now been a favorite of the information security industry now for some time. It is a powerful concept — let someone else deal with an attack or exposure, and use their experience to prevent the same problem in your organization. Since there are free sources for a tremendous amount of such data, it seems like a great deal.

The great deal is not always as good as it seems, however. Threat intelligence information is quite often wrong or misleading. As I mentioned in “These are the threats that keep me awake at night,” a Vermont electric utility, responding to intelligence information in a U.S. government joint forces statement, called in the FBI to investigate what turned out to be an employee’s innocent attempt to read their email on Yahoo.

To read this article in full or to leave a comment, please click here