Since lawyers are guardians of client data it is essential that they be vigilant about cyberthreats and “be more proactive in finding and preparing for threats to physical and digital assets, it’s crucial to define and understand exactly what threat intelligence means, and separate fact from fiction” as reported in Cyvellience recent report entitled “10 Myths About Cyber Threat Intelligence: Separating Fact from Fiction.”  The 10 myths are as follows:

Myth 1: Threat intelligence is just another term for data.

Myth 2: Only big companies have a need for threat intelligence.

Myth 3: It’s impossible to develop a business case and show ROI for threat intelligence.

Myth 4: The volume of sources and data outside our perimeter is too overwhelming to be useful.

Myth 5: Threat intelligence is only useful for the information security department.

Myth 6: I deal with guns and guards, so I don’t need cyber threat intelligence.

Myth 7: Our network is already protected by firewalls, IDS, and anti-virus solutions.

Myth 8: Threat intelligence is only useful before a breach or a security event.

Myth 9: We already have an in-house cyber security team, so we don’t need threat intelligence from a third-party.

Myth 10: We can’t afford to hire more analysts to process, review, and act upon threat intelligence. 

Separating fact from fiction is not always pretty, but with cyberthreats today understanding these myths is critical.