Threat intelligence has now been a favorite of the information security industry now for some time. It is a powerful concept — let someone else deal with an attack or exposure, and use their experience to prevent the same problem in your organization. Since there are free sources for a tremendous amount of such data, it seems like a great deal.
The great deal is not always as good as it seems, however. Threat intelligence information is quite often wrong or misleading. As I mentioned in “These are the threats that keep me awake at night,” a Vermont electric utility, responding to intelligence information in a U.S. government joint forces statement, called in the FBI to investigate what turned out to be an employee’s innocent attempt to read their email on Yahoo.