Organizations deal with cyber hurricanes ' those attacks you can see coming ' and earthquakes ' those attacks that just come alive on your network ' every day.'this talk covers intelligence-driven security operations programs and how they can become proactive, anticipatory, and adaptive.
Security operations groups are facing a key change to how we implement cybersecurity: cyber threat intelligence (CTI) and threat intelligence management. While intelligence has been around for quite some time, the quality and quantity of CTI available to organizations, both commercial and government, is greater than it has ever been. The key, however, is to understand what CTI really is and how to best make it actionable within your environment.
Leveraging a decade of cyber threat intelligence experience to define cyber threat intelligence and intelligence-driven operations, this talk will walk through some global examples of how organizations have implemented CTI. The future of cyber security will be driven by a better understanding of the adversary, their motivation, intent, tactics, and infrastructure. The key question covered in the talk is how will organizations need to adapt to make the most use of this knowledge within security operations.