Hurricanes, Earthquakes, and Threat Intelligence


1 Hurricanes, Earthquakes, and Threat Intelligence
Jonathan Couch, Senior Vice President - Strategy, ThreatQuotient, Inc.

2 Hurricanes, Earthquakes, Cybersecurity
In my experience, organizations face 2 things:
Hurricanes: you can see them coming. You know the threats are out there. They test your ability as an organization to protect and defend. Once you've encountered a few hurricanes, the challenge becomes to anticipate the threats the hurricane poses.
Earthquakes: this is when your network just comes alive. Things are happening that you didn't anticipate. Earthquakes test your ability to detect, respond, and be resilient.

3 Threat Intelligence and You
Understand what it is
Understand what you need
Define how to use it
Make it your own
Put it all together
Today, we will walk through different types of threat intelligence to understand what it is, how it is created, and how you can operationalize it.

4 Understand the Threat
© 2016 ThreatQuotient - Confidential

5 OODA Loop
OBSERVE, ORIENT, DECIDE, ACT
AGILITY

6 Fighting the Bad Guys is Hard
Dynamic Threat Landscape
Vendor Overload
Changing Computing Models
Data & Noise Explosion
Limited Human Resources
Manual Operations & Analysis

7 Security Operations Decisions
AUTOMATION, NOISE, THREAT, NUISANCE, CONTEXT, ADVERSARY

8 The “Right” Intelligence
Threat Data: Reactive
Contextual Threat Intel: Proactive
Relevant Threat Intel: Anticipatory
Knowledge, Wisdom: Predictive
Strategic, Operational, Tactical/Technical

9 Transforming Data into Intelligence
THREAT DATA, Context, THREAT INTELLIGENCE
Context: WHO, WHAT, WHERE, WHEN, WHY, HOW?

10 The ART of Intelligence
Accurate: Was the intelligence reliable and detailed?
Relevant: Does the intelligence apply to you and your mission/business?
Timely: Did you receive the intelligence with enough time to do something about it?
Actionability

11 Use Case and Stakeholder Analysis
Risk Management
Investigations Team
Business Units
Vulnerability Management
Patch Management
Security Infrastructure
Executives/Board of Directors
CISO
Security Operations Center
Incident Response Team
Cyber Threat Intelligence Team
CONTENT, FORMAT, FREQUENCY

12 Make It Your Own
Understanding, Knowledge, Intel, Data
Add insight; Add business context; Fuse; Make relevant; Interpret; Add context; Verify; Categorize
CONSUMPTION

13 Implementing a Threat Intelligence Program

14 Intelligence Operations and Management
ACQUIRE, AGGREGATE, ANALYZE, ACTION
Commercial, Industry, Open Source, Private, Academic, Network of Peers, Internal, Government
SIEM, Sensor Grid, THREAT DATA FEEDS, Log Repository, Ticketing, Knowledgebase, Tools
Communities, SHARING PLATFORMS, Commercial, Government
ACCURATE, RELEVANT, TIMELY

15 Threat Intelligence and You
Understand what it is
Understand what you need
Define how to use it
Make it your own
Put it all together
Today, we will walk through different types of threat intelligence to understand what it is, how it is created, and how you can operationalize it.

16 QUESTIONS? OR

