Tech
Cyber Security: 6 tips To Hunt Threat, Safeguard Critical Assets
Most crucial step in cyber security is to find threat actors before they find out or launch attack.
How to do that efficiently and effectively is no small task – but with a small investment of time, you can master threat hunting and save your organization millions of dollars.
Consider this staggering statistic. Cybersecurity Ventures estimates that cybercrime will take a $10.5 trillion toll on the global economy by 2025. Measuring this amount as a country, the cost of cybercrime equals the world’s third-largest economy after the U.S. and China. But with effective threat hunting, you can keep bad actors from wreaking havoc on your organization.
This article offers a detailed explanation of threat hunting – what it is, how to do it thoroughly and effectively, and how cyber threat intelligence (CTI) can bolster your threat-hunting efforts.
Cyber Security: 6 tips To Hunt Threat, Safeguard Critical Assets
What is threat hunting?
Cyber threat hunting is gathering evidence that a threat is materializing. It’s a continuous process that helps you find the threats that pose the most significant risk to your organization and empowers your team to stop them before an attack launches.
6 Tips to Hunt Threat
Throughout the hunt, careful planning and attention to detail are essential, as well as ensuring all team members follow the same plan. To maintain efficiency, document every step so others on your team can easily repeat the same process.
1 — Organize the hunt
Ensure your team is prepared and organized by inventorying your critical assets, including endpoints, servers, applications, and services. This step helps you understand what you’re trying to protect and the threats they are most prone to. Next, determine each asset’s location, who has access, and how provisioning of access takes place.
Finally, define your priority intelligence requirements (PIRs) by asking questions about potential threats based on your organization’s environment and infrastructure. For example, if you have a remote or hybrid workforce, such questions might include:
- To which threats are remote devices most vulnerable?
- What sort of evidence would those threats leave behind?
- How will we determine if an employee is compromised?
2 — Plan the hunt
In this phase, you will set the necessary parameters through the following:
- State your purpose – including why the hunt is necessary and which threat(s) you should focus on, as determined by your PIRs. (For example, a remote workforce may be more prone to phishing attacks under a BYOD model.)
- Define the scope – identify your assumptions and state your hypothesis based on what you know. You can narrow your scope by understanding what evidence will surface if the threat you’re looking for launches.
- Understand your limitations, such as what data sets you can access, what resources you must analyze, and how much time you have.
- Set the time frame with a realistic deadline.
- Determine which environments to exclude, and look for contractual relationships that may prevent you from carrying out the hunt in specific settings.
- Understand the legal and regulatory constraints you must follow. (You can’t break the law, even when hunting for bad guys.)
3 — Use the right tools for the job
There are plenty of tools for threat hunting, depending on your assets inventory and hypothesis. For example, if you’re looking for a potential compromise, SIEM and investigative tools can help you review logs and determine if there are any leaks. Following is a sample list of options that can significantly improve threat-hunting efficiencies:
- Threat intelligence – specifically, automated feeds and investigative portals that fetch threat intelligence from the deep and dark web
- Search engines and web spiders
- Information from cybersecurity and antivirus vendors
- Government resources
- Public media – cybersecurity blogs, online news sites, and magazines
- SIEM, SOAR, investigative tools, and OSINT tools
Cyber Security: 6 tips To Hunt Threat, Safeguard Critical Assets
4 — Execute the hunt
When executing the hunt, it’s best to keep it simple. Follow your plan point by point to stay on track and avoid diversions and distractions. Execution takes place in four phases:
- Collect: this is the most labor-intensive part of a threat hunt, especially if you use manual methods to gather threat information.
- Process: compile data and process it in an organized and readable format for other threat analysts to understand.
- Analyze: determine what your findings reveal.
- Conclusion: if you find a threat, do you have data to support its severity?
5 — Conclude and evaluate the hunt
Evaluating your work before you begin the next hunt is imperative to help you improve as you go. Below are some questions to consider in this phase:
- Was the chosen hypothesis appropriate to the hunt?
- Was the scope narrow enough?
- Did you collect helpful intelligence, or could some processes be done differently?
- Did you have the right tools?
- Did everyone follow the plan and process?
- Did leadership feel empowered to address questions along the way, and did they have access to all the needed information?
6 — Report and act on your findings
In concluding the hunt, you can see if your data supports your hypothesis – and if it does, you’ll alert the cybersecurity and incident response teams. If there is no evidence of the specific issue, you’ll need to evaluate resources and ensure there were no gaps in the data analysis. For example, you may realize that you reviewed your logs for a compromise but did not check for leaked data on the dark web.
Take threat hunting to the next level with CTI
CTI can be an effective component of your threat-hunting program, particularly when the threat intelligence data is comprehensive and includes business context and relevance to your organization. Cybersixgill removes the access barrier to the most valuable sources of CTI and provides deep-dive investigative capabilities to help your team seek the highest-priority potential cyberthreats.
Our investigative portal enables you to compile, manage and monitor your complete asset inventory across the deep, dark and clear web. This intelligence helps you identify potential risks and exposure, understand potential attack paths and threat actor TTPs to proactively expose and prevent emerging cyber attacks before they are weaponized.
The digital landscape in Nigeria has seen significant growth over the years, with more citizens gaining access to the internet.
This has been largely driven by improved telecommunications infrastructure, affordable mobile devices, and the growing digital awareness among the population.
As of the fourth quarter of 2023, data on internet usage across the country reveals fascinating insights into which states are leading in digital connectivity.
According to the data released by the National Bureau of Statistics (NBS) internet subscriptions in the country stood at 163.8 million at the end of 2023.
Based on the NBS data, here are the top 10 states with the highest number of internet users in Nigeria as of Q4 2024:
10. Delta (4.4 million)
Rounding off the list is Delta State, with 4.4 million internet users. Known for its oil production, Delta is also making strides in the digital world, contributing to the diverse landscape of internet users in Nigeria.
9. Katsina (4.6 million
Katsina State, with 4.6 million internet users, is another northern state on the list, showcasing the expanding reach of digital connectivity beyond Nigeria’s major urban centers.
This growth is a testament to the increasing awareness and adoption of digital technologies in the state.
8. Adamawa (5.4 million)
Adamawa State stands out in the northeastern region with 5.4 million internet users. Despite facing challenges, the state is making significant progress in digital inclusion, bridging the digital divide in the region.
7. Rivers (5.6 million)
Rivers State, with its capital in Port Harcourt, is not just an oil-rich state but also a burgeoning center for technology and innovation in the southern part of Nigeria, with 5.6 million internet users.
The state’s efforts in leveraging digital technology for economic development are evident in its internet usage figures.
6. FCT (5.8 million)
The FCT, encompassing Nigeria’s capital, Abuja, boasts 5.8 million internet users. As the administrative and political heart of Nigeria, it’s no surprise that the FCT is among the leaders in digital connectivity, with many government and private sector initiatives pushing for greater internet penetration.
5. Kaduna (7.4 million)
Kaduna State is another northern state making waves in the digital world, with 7.4 million internet users. The state has been proactive in embracing technology, aiming to become a northern tech hub, which is reflected in its growing internet user base.
4. Oyo (8.4 million)
Oyo State, known for its rich cultural heritage, is also making strides in digital engagement with 8.4 million internet users. Its capital, Ibadan, is becoming a significant tech cluster, fostering digital education and innovation.
3. Kano (9 million)
Kano, one of the largest cities in Nigeria’s northern region, comes in third with 9 million internet users. The state has historically been a center of commerce and trade, and its adaptation to digital transformation has been commendable, making it a leading state in the north for internet usage.
2. Ogun (9.5 million)
Following Lagos is Ogun State, with 9.5 million internet users. Ogun’s strategic position as a neighbor to Lagos and its efforts in improving its ICT infrastructure have made it an emerging center for technology and industrialization, attracting more people to the digital space.
1. Lagos (18.9 million)
Topping the chart is Lagos, the commercial hub of Nigeria, boasting an impressive 18.9 million internet users. The state’s advanced infrastructure, coupled with its status as a business and tech hub, significantly contributes to its high internet usage.
Lagos is not only the most populous city in Nigeria but also a melting pot of cultures and businesses, making it a hotspot for digital activities.
Nasir El-Rufai may no longer be the Kaduna State governor and has missed a controversial ministerial appointment, but he certainly has not lost his zest for taking on big projects. The former governor is going into the private sector with a loud statement.
El-Rufai plans to launch a $100 million venture capital fund for startups in Nigeria, particularly those in the Kaduna tech ecosystem. He plans to match his ambitions with actions. He is willing to stake $2 million of his money for the offtake of the fund. He plans to convince investors to provide the remaining funding. The investors will mostly be those “who believe in us but don’t have the capacity or the time to do the analysis and evaluation. But they trust our judgment and they will come with us.”
He was in Marrakech in November for the Africa Investment Forum where he spoke to BusinessDay.
The former governor who played a significant role in the emergence of the current Nigerian president as the party’s candidate, seems to have put his disappointments behind him.
In Marrakech, there was no trace of the man who became the target of much social media trolling. The El-Rufai that showed up in Marrakech was looking spritely and took part in all the sessions of the Africa Investment Forum, a multi-stakeholder, multi-disciplinary platform with the vision to channel capital towards critical sectors to achieve the Sustainable Development Goals, the African Development Bank’s High 5s, and the African Union’s Agenda 2063.
According to him, he wants to set up a venture capital fund or private equity that will invest in young Nigerians with innovative ideas. It doesn’t matter what segment of the economy the ideas are. It could be in agriculture. ICT or the creative industry, so long as it has the potential to add value to the world, these are the ideas that El-Rufai and his fund will target.
During his tenure as governor of Kaduna, El-Rufai said he met many students in Kaduna who had great ideas and were creating innovations. However, many of them did not have someone to mentor them and help those ideas grow.
“What young people need is essentially mentoring and financing to get things going. They develop the idea and see whether it is viable. And we will open doors for them because they don’t have contact. They don’t know or have access to ministers, presidents, or regulatory agencies. We do. We know the minefields that they have to navigate. We know that they need to give them appointments and we can provide them with the startup funding and in return we take an equity position.
We don’t want to take your business; we want to develop it. But if we take the risk on you, we will take a percentage of the business,” El-Rufai said.
He is working with select private sector partners, including Eyo Ekpo, co-founder of Excredite Consulting Limited, and their primary focus is on Nigeria but the ambition is Africa because he projects from a report that Africa will be supplying the world with a significant portion of the workforce it needs by 2050.
According to a report by the Guardian, by 2050, Africa’s population is expected to reach 2.5 billion, which is about 25 percent of the world’s population.
El-Rufai says such projections call for more investments in the younger demographic. However, his fund will not just be focusing on new startups, there is also a plan to engage established companies with management problems that are still viable. The VC fund will invest in such companies, get them sorted out and take them to exit.
“We don’t intend to remain in any business. We want to catalyse growth in these startups,” he said.
One of the goals of being at the African Investment Conference was to seek continental partnerships, and investors and to explore opportunities with climate-focused investors.
“Nigeria has a lot to offer Africa and the world. Our population, entrepreneurial capability, the innovation of our young people and their boldness and courage to find success. We just felt that we have a duty to encourage,” he said.
The first fund will be investing for three to four years. The fund is expected to launch early next year and the company will be headquartered in Abuja. This is to diversify the funding beyond Lagos because there is already a lot of interest in funding innovation in Lagos. El-Rufai and his partners want to spur startup funding interest in ecosystems in Kaduna, Abuja and other parts of the country.
Woman killed while crossing road in Anambra
LASG’s maize palliative impactful, says poultry association chair
Fagbemi warns against obstructing EFCC from performing its lawful duty
BDCs now buying dollar at ₦980 — ABCON President
Osun Poly Student, Olanrewaju Olatona killed by hit-and-run one-way driver
Seplat Energy celebrates a decade of Dual Listing with Bell Ringing Ceremony at Nigerian Stock Exchange
3 teens arrested in Germany for allegedly plotting terror attack
Breaking…Naira abuse: Court sentences Bobrisky to 6 months in custody
Lagos Court Grants Emefiele N50m Bail
Unknown Gunmen Abduct Channelstv Reporter In Port-harcourt
Seplat Energy celebrates a decade of Dual Listing with Bell Ringing Ceremony at Nigerian Stock Exchange
BDCs now buying dollar at ₦980 — ABCON President
Osun Poly Student, Olanrewaju Olatona killed by hit-and-run one-way driver
Fagbemi warns against obstructing EFCC from performing its lawful duty
LASG’s maize palliative impactful, says poultry association chair
Woman killed while crossing road in Anambra
-
Business4 days agoSeplat Energy celebrates a decade of Dual Listing with Bell Ringing Ceremony at Nigerian Stock Exchange
-
News4 days agoBDCs now buying dollar at ₦980 — ABCON President
-
Metro4 days agoOsun Poly Student, Olanrewaju Olatona killed by hit-and-run one-way driver
-
Headline4 days agoFagbemi warns against obstructing EFCC from performing its lawful duty
-
News4 days agoLASG’s maize palliative impactful, says poultry association chair
-
News4 days agoWoman killed while crossing road in Anambra