Why did Norse, the top threat intelligence company, fail? Data is not intelligence
mob604757044d68 2021-07-20 04:38:52

I remember that cool , A threat intelligence company that can display a map of global cyber attacks in real time Norse No ? It went out of business .


last Saturday , A person familiar with the situation disclosed to the media ,Norse Sam . Greenes was asked by the board to step down . Company employees are required to report to the company this Monday , But wages are not guaranteed . After the news came out about it ,Norse The company's official website and attack map were closed one after another .

People familiar with the matter also said ,Norse Our assets will be related to Solarflare Merge . But Russell, the latter's chief executive . Stern said ,“Norse and Solarflare There's no deal .”

Norse Companies used to be media favorites , stay 2014 When Sony Pictures was attacked in, it often made the headlines in the international news , Moreover, the analysis report on Iran's attack on American industrial control system is frequently cited , So it's famous . But actually , whenever Norse When carried out by the media , There's always going to be a lot of criticism from safe community professionals , accuse Norse There is a problem in the judgment and supporting data of .

Safety company Dragos Security LLC Founder and CEO of 、 Industrial control system expert Robert . Li wrote in his blog :

“ The company interprets Internet scan data based on their sensors as attack intelligence , And most threat intelligence companies rely on rich data, supplemented by actual intrusion emergency response data , It's not a scan activity . and ,Norse In the absence of verifiable industrial control system capability , Quickly draw conclusions about the system ……

In short , They interpret data as intelligence , And data 、 There's a big difference between information and intelligence . Even though Norse It's of great research value to scan data at the product and Internet level , but , The data is still not intelligence . therefore , Although they claim to be an important member of the threat intelligence community , But they have never been recognized by the leading analysts and companies in the community .

The circle of threat intelligence community is very small , Once you make a strategic mistake , The adverse effects are huge and lasting . trust , It's incredibly important in this community .”

actually , As early as 2016 Year begins Norse There was a round of layoffs . The survey shows that , The company has gone through a series of failure patterns , Including business 、 Anti merger 、 Shell companies and products have seriously failed to meet expectations . Mary, the company's senior data scientist . Landesman says , The quality of the data companies use is not that good ,“ It's almost the same as automated crawlers and scanning tools Web Server logs are the same .”

Data makes Norse, Data is the foundation of the company . Once the data goes wrong , It's a big problem for users who rely on data to make security decisions and risk analysis . at present ,Norse It's not clear what impact the closure of the company will have on its customers .

Whatever it is that leads to Norse To the point where it is today , And led to the crusade of the insiders , The main responsibility lies with the management .

Norse Lessons learned

First , Trust is of great significance in threat intelligence work , Threat Intelligence companies need to realize that they are part of the entire security ecosystem , Can't be independent of . Formal or informal business partnerships and information sharing , All contribute to the rapid development of the company . Threat intelligence needs to be more open and shared , Instead of competing with other security products . It can help good security projects do better , And through useful information to support enterprise strategic decision . More directly , Threat Intelligence doesn't want to replace the bad security program before , It's not going to be a security solution once and for all .

also , Threat Intelligence companies should be very careful when doing marketing work , In especial We should not exaggerate the function and utility of our products or services . This is critical in threatening the intelligence community , For any security start-up . Otherwise, once the circle thinks that , You're making false and exaggerated propaganda , This bad reputation is hard to change .

Last , For investors , You can't just look at what the company is showing , And to investigate what the community really thinks about it .

There are media contacts abroad Norse KPMG, our investor , The latter came last year 9 Monthly payment Norse investment 1140 Thousands of dollars . KPMG responded ,“ investment Norse The specific terms of are trade secrets , There's nothing to say at the moment .”

Please bring the original link to reprint ,thank
Similar articles