SlideShare a Scribd company logo

4 Rules for Successful Threat Intelligence Teams

Recorded Future
Recorded Future

Threat intelligence is quickly becoming a core element of risk management for many enterprises. Putting a team in place to manage threat intelligence, however, isn’t as easy as other, more established areas of information security. First, it’s newer, and second, organizations might not yet have the right skills and tools in-house. With that in mind, we’ve identified four simple rules that will help organizations build and maintain a successful threat intelligence team.

Technology
1 of 8
1 Threat Intelligence Teams 4 Rules for Successful
2 Introduction To truly understand risk, an enterprise must grasp and have the capability to handle emerging information security threats to its environment. In the last few years information security has moved to the top of organizations’ risk management plans. Here are four simple rules that will help organizations build and maintain a successful threat intelligence team.
3 ▪ A threat intelligence team is run by people, so hiring the right people with the right skills is critical. ▪ Certain parts of threat analysis require distinct and practiced skill sets, and when building or adding to a threat intelligence team, personalities also matter. ▪ The interaction and workflow between teams should be pre-planned, and data sharing should facilitate easy integration for the teams responsible for making security verdicts. 1. Strong Talent
4 ▪ Proprietary threat intelligence platforms (TIPs) are tailored to the organization’s specific needs. ▪ Building powerful proprietary capabilities requires an experienced data architect to design fast and nimble data structures to seamlessly integrate external tools. ▪ The collaborative process facilitates control changes and allows the architect to deliver threat data in a format appropriate for each group. 2. Build an Infrastructure
5 ▪ Threat intelligence teams must know what the business identifies as levers of profitability to prioritize the identification and dissection of threat events and sources. ▪ Protecting strategic assets is the first priority, and defensive controls need to be managed as threats emerge. ▪ Threat analysts must be able to identify such things as general industry threats, trends, attacker TTPs, and commodity malware. 3. Business Profitability
6 ▪ To effectively set goals, executives should have insight into current and future threats. ▪ Executives need to hear from the threat intelligence team about how some threats translate to risk, and then learn how the risk of those threats can be mitigated. ▪ Organizational threats will always exist, and it’s up to the business to decide its risk tolerance. 4. Continuous Communication
7 Takeaway With these four pillars in mind, organizations can run an effective threat intelligence team which contributes to business success. People and tools are important parts of the process, but equally important are cross-functional collaboration and communication.
8

Recommended

Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the NumbersRecorded Future
 
Top 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsTop 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsRecorded Future
 
Threat Intelligence Tweaks That'll Take Your Security to the Next Level
Threat Intelligence Tweaks That'll Take Your Security to the Next LevelThreat Intelligence Tweaks That'll Take Your Security to the Next Level
Threat Intelligence Tweaks That'll Take Your Security to the Next LevelRecorded Future
 
Proactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor TypesProactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor TypesRecorded Future
 
Industry Check: Where Real Companies Stand With Threat Intelligence
Industry Check: Where Real Companies Stand With Threat IntelligenceIndustry Check: Where Real Companies Stand With Threat Intelligence
Industry Check: Where Real Companies Stand With Threat IntelligenceRecorded Future
 
Improve Your Threat Intelligence Strategy With These Ideas
Improve Your Threat Intelligence Strategy With These IdeasImprove Your Threat Intelligence Strategy With These Ideas
Improve Your Threat Intelligence Strategy With These IdeasRecorded Future
 
Overview of Recorded Future Intel Cards
Overview of Recorded Future Intel CardsOverview of Recorded Future Intel Cards
Overview of Recorded Future Intel CardsRecorded Future
 
7 Habits of Smart Threat Intelligence Analysts
7 Habits of Smart Threat Intelligence Analysts7 Habits of Smart Threat Intelligence Analysts
7 Habits of Smart Threat Intelligence AnalystsRecorded Future
 

Recommended

Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the NumbersRecorded Future
 
Top 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsTop 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsRecorded Future
 
Threat Intelligence Tweaks That'll Take Your Security to the Next Level
Threat Intelligence Tweaks That'll Take Your Security to the Next LevelThreat Intelligence Tweaks That'll Take Your Security to the Next Level
Threat Intelligence Tweaks That'll Take Your Security to the Next LevelRecorded Future
 
Proactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor TypesProactive Defense: Understanding the 4 Main Threat Actor Types
Proactive Defense: Understanding the 4 Main Threat Actor TypesRecorded Future
 
Industry Check: Where Real Companies Stand With Threat Intelligence
Industry Check: Where Real Companies Stand With Threat IntelligenceIndustry Check: Where Real Companies Stand With Threat Intelligence
Industry Check: Where Real Companies Stand With Threat IntelligenceRecorded Future
 
Improve Your Threat Intelligence Strategy With These Ideas
Improve Your Threat Intelligence Strategy With These IdeasImprove Your Threat Intelligence Strategy With These Ideas
Improve Your Threat Intelligence Strategy With These IdeasRecorded Future
 
Overview of Recorded Future Intel Cards
Overview of Recorded Future Intel CardsOverview of Recorded Future Intel Cards
Overview of Recorded Future Intel CardsRecorded Future
 
7 Habits of Smart Threat Intelligence Analysts
7 Habits of Smart Threat Intelligence Analysts7 Habits of Smart Threat Intelligence Analysts
7 Habits of Smart Threat Intelligence AnalystsRecorded Future
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceZaiffiEhsan
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat IntelligenceSirius
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Alien vault sans cyber threat intelligence
Alien vault sans cyber threat intelligenceAlien vault sans cyber threat intelligence
Alien vault sans cyber threat intelligenceAlienVault
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceMarlabs
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDICyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDIDavid Sweigert
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackamrutharam
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical HackingUK Defence Cyber School
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Puneet Kukreja
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Priyanka Aash
 
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskUsing SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskSurfWatch Labs
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 
SOC 3.0: strategic threat intelligence May 2016
SOC 3.0: strategic threat intelligence May 2016SOC 3.0: strategic threat intelligence May 2016
SOC 3.0: strategic threat intelligence May 2016Sarah Bark
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Mitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksMitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksTripwire
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
Gallagher.M Exam1
Gallagher.M Exam1Gallagher.M Exam1
Gallagher.M Exam1mgalla22
 

More Related Content

What's hot

Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceZaiffiEhsan
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat IntelligenceSirius
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Alien vault sans cyber threat intelligence
Alien vault sans cyber threat intelligenceAlien vault sans cyber threat intelligence
Alien vault sans cyber threat intelligenceAlienVault
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceMarlabs
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDICyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDIDavid Sweigert
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackamrutharam
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Puneet Kukreja
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Priyanka Aash
 
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskUsing SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskSurfWatch Labs
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 
SOC 3.0: strategic threat intelligence May 2016
SOC 3.0: strategic threat intelligence May 2016SOC 3.0: strategic threat intelligence May 2016
SOC 3.0: strategic threat intelligence May 2016Sarah Bark
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Mitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksMitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksTripwire
 

What's hot (20)

Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in security
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
 
Alien vault sans cyber threat intelligence
Alien vault sans cyber threat intelligenceAlien vault sans cyber threat intelligence
Alien vault sans cyber threat intelligence
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Cyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDICyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDI
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical Hacking
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
 
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskUsing SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systems
 
SOC 3.0: strategic threat intelligence May 2016
SOC 3.0: strategic threat intelligence May 2016SOC 3.0: strategic threat intelligence May 2016
SOC 3.0: strategic threat intelligence May 2016
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Mitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security AttacksMitigating Risk from Cyber Security Attacks
Mitigating Risk from Cyber Security Attacks
 

Viewers also liked

Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
Gallagher.M Exam1
Gallagher.M Exam1Gallagher.M Exam1
Gallagher.M Exam1mgalla22
 
Afghanistan.
Afghanistan.Afghanistan.
Afghanistan.mgalla22
 
Exam3 M.Gallagher
Exam3 M.GallagherExam3 M.Gallagher
Exam3 M.Gallaghermgalla22
 
Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...
Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...
Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...Iconsulting
 
Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...
Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...
Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...TopProductions
 
Gallaghers' i2 guidebook
Gallaghers' i2 guidebookGallaghers' i2 guidebook
Gallaghers' i2 guidebookJames Gallagher
 
2016 ISSA Conference Threat Intelligence Keynote philA
2016 ISSA Conference Threat Intelligence Keynote philA2016 ISSA Conference Threat Intelligence Keynote philA
2016 ISSA Conference Threat Intelligence Keynote philAPhil Agcaoili
 
Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Control Risks
 
Ponemon Institute Data Breaches and Sensitive Data Risk
Ponemon Institute Data Breaches and Sensitive Data RiskPonemon Institute Data Breaches and Sensitive Data Risk
Ponemon Institute Data Breaches and Sensitive Data RiskFiona Lew
 
Cash Flow Planning Solution
Cash Flow Planning SolutionCash Flow Planning Solution
Cash Flow Planning SolutionIconsulting
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceAlienVault
 
Service Culture Indicator
Service Culture IndicatorService Culture Indicator
Service Culture IndicatorUpYourService
 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techiesBrenton Johnson
 
IBM Cyber Threat Analysis
IBM Cyber Threat AnalysisIBM Cyber Threat Analysis
IBM Cyber Threat AnalysisIBM Government
 
Okara history and security slides 2017
Okara history and security slides 2017Okara history and security slides 2017
Okara history and security slides 2017TAIMOOR KHAQAN
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employeesPriscila Bernardes
 
Intelligence Analysis & Deliverables
Intelligence Analysis & DeliverablesIntelligence Analysis & Deliverables
Intelligence Analysis & DeliverablesElijah Ezendu
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryPriyanka Aash
 
Testing Metrics - Making your tests visible
Testing Metrics - Making your tests visibleTesting Metrics - Making your tests visible
Testing Metrics - Making your tests visibleAlper Mermer
 

Viewers also liked (20)

Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent Actors
 
Gallagher.M Exam1
Gallagher.M Exam1Gallagher.M Exam1
Gallagher.M Exam1
 
Afghanistan.
Afghanistan.Afghanistan.
Afghanistan.
 
Exam3 M.Gallagher
Exam3 M.GallagherExam3 M.Gallagher
Exam3 M.Gallagher
 
Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...
Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...
Location Intelligence for Italian and UK Justice and Public Safety - BIWASumm...
 
Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...
Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...
Parallel Session Enforcement: Emile Lindemulder, Intelligence Management and ...
 
Gallaghers' i2 guidebook
Gallaghers' i2 guidebookGallaghers' i2 guidebook
Gallaghers' i2 guidebook
 
2016 ISSA Conference Threat Intelligence Keynote philA
2016 ISSA Conference Threat Intelligence Keynote philA2016 ISSA Conference Threat Intelligence Keynote philA
2016 ISSA Conference Threat Intelligence Keynote philA
 
Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information?
 
Ponemon Institute Data Breaches and Sensitive Data Risk
Ponemon Institute Data Breaches and Sensitive Data RiskPonemon Institute Data Breaches and Sensitive Data Risk
Ponemon Institute Data Breaches and Sensitive Data Risk
 
Cash Flow Planning Solution
Cash Flow Planning SolutionCash Flow Planning Solution
Cash Flow Planning Solution
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat Intelligence
 
Service Culture Indicator
Service Culture IndicatorService Culture Indicator
Service Culture Indicator
 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techies
 
IBM Cyber Threat Analysis
IBM Cyber Threat AnalysisIBM Cyber Threat Analysis
IBM Cyber Threat Analysis
 
Okara history and security slides 2017
Okara history and security slides 2017Okara history and security slides 2017
Okara history and security slides 2017
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employees
 
Intelligence Analysis & Deliverables
Intelligence Analysis & DeliverablesIntelligence Analysis & Deliverables
Intelligence Analysis & Deliverables
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your Story
 
Testing Metrics - Making your tests visible
Testing Metrics - Making your tests visibleTesting Metrics - Making your tests visible
Testing Metrics - Making your tests visible
 

Similar to 4 Rules for Successful Threat Intelligence Teams

Understanding the 8 Keys to Security Success
Understanding the 8 Keys to Security SuccessUnderstanding the 8 Keys to Security Success
Understanding the 8 Keys to Security SuccessSecurityOn-Demand
 
RH-ISAC_BuildingtheFoundation_WhitePaper.pdf
RH-ISAC_BuildingtheFoundation_WhitePaper.pdfRH-ISAC_BuildingtheFoundation_WhitePaper.pdf
RH-ISAC_BuildingtheFoundation_WhitePaper.pdfssuser2209e8
 
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Accenture Technology
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligenceseadeloitte
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementMighty Guides, Inc.
 
Top 10 Interview Questions for Risk Analyst.pptx
Top 10 Interview Questions for Risk Analyst.pptxTop 10 Interview Questions for Risk Analyst.pptx
Top 10 Interview Questions for Risk Analyst.pptxinfosec train
 
Intelligent security operations a staffing guide
Intelligent security operations a staffing guideIntelligent security operations a staffing guide
Intelligent security operations a staffing guideColleen Johnson
 
Using Threat Intelligence to Improve Your Company.pdf
Using Threat Intelligence to Improve Your Company.pdfUsing Threat Intelligence to Improve Your Company.pdf
Using Threat Intelligence to Improve Your Company.pdfCyFirma1
 
Threat intelligence life cycle steps by steps
Threat intelligence life cycle steps by stepsThreat intelligence life cycle steps by steps
Threat intelligence life cycle steps by stepsJayeshGadhave1
 
Facilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaFacilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaHanaysha
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security StrategyAndrew Byers
 
The 7 Factors of CISO Impact
The 7 Factors of CISO ImpactThe 7 Factors of CISO Impact
The 7 Factors of CISO ImpactIANS
 
The 7 Factors of CISO Impact
The 7 Factors of CISO ImpactThe 7 Factors of CISO Impact
The 7 Factors of CISO ImpactAndrew Sanders
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Laura Benitez
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guideSergey Erohin
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guideSergey Erohin
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE360 BSI
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
 

Similar to 4 Rules for Successful Threat Intelligence Teams (20)

Understanding the 8 Keys to Security Success
Understanding the 8 Keys to Security SuccessUnderstanding the 8 Keys to Security Success
Understanding the 8 Keys to Security Success
 
RH-ISAC_BuildingtheFoundation_WhitePaper.pdf
RH-ISAC_BuildingtheFoundation_WhitePaper.pdfRH-ISAC_BuildingtheFoundation_WhitePaper.pdf
RH-ISAC_BuildingtheFoundation_WhitePaper.pdf
 
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
Continuous Cyber Attacks: Engaging Business Leaders for the New Normal - Full...
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability Management
 
Top 10 Interview Questions for Risk Analyst.pptx
Top 10 Interview Questions for Risk Analyst.pptxTop 10 Interview Questions for Risk Analyst.pptx
Top 10 Interview Questions for Risk Analyst.pptx
 
Intelligent security operations a staffing guide
Intelligent security operations a staffing guideIntelligent security operations a staffing guide
Intelligent security operations a staffing guide
 
Using Threat Intelligence to Improve Your Company.pdf
Using Threat Intelligence to Improve Your Company.pdfUsing Threat Intelligence to Improve Your Company.pdf
Using Threat Intelligence to Improve Your Company.pdf
 
Security-Brochure
Security-BrochureSecurity-Brochure
Security-Brochure
 
Security-Brochure
Security-BrochureSecurity-Brochure
Security-Brochure
 
Threat intelligence life cycle steps by steps
Threat intelligence life cycle steps by stepsThreat intelligence life cycle steps by steps
Threat intelligence life cycle steps by steps
 
Facilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq HanayshaFacilitated Risk Analysis Process - Tareq Hanaysha
Facilitated Risk Analysis Process - Tareq Hanaysha
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security Strategy
 
The 7 Factors of CISO Impact
The 7 Factors of CISO ImpactThe 7 Factors of CISO Impact
The 7 Factors of CISO Impact
 
The 7 Factors of CISO Impact
The 7 Factors of CISO ImpactThe 7 Factors of CISO Impact
The 7 Factors of CISO Impact
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guide
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guide
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small Enterprise
 

Recently uploaded

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 

Recently uploaded (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 

4 Rules for Successful Threat Intelligence Teams

  • 1. 1 Threat Intelligence Teams 4 Rules for Successful
  • 2. 2 Introduction To truly understand risk, an enterprise must grasp and have the capability to handle emerging information security threats to its environment. In the last few years information security has moved to the top of organizations’ risk management plans. Here are four simple rules that will help organizations build and maintain a successful threat intelligence team.
  • 3. 3 ▪ A threat intelligence team is run by people, so hiring the right people with the right skills is critical. ▪ Certain parts of threat analysis require distinct and practiced skill sets, and when building or adding to a threat intelligence team, personalities also matter. ▪ The interaction and workflow between teams should be pre-planned, and data sharing should facilitate easy integration for the teams responsible for making security verdicts. 1. Strong Talent
  • 4. 4 ▪ Proprietary threat intelligence platforms (TIPs) are tailored to the organization’s specific needs. ▪ Building powerful proprietary capabilities requires an experienced data architect to design fast and nimble data structures to seamlessly integrate external tools. ▪ The collaborative process facilitates control changes and allows the architect to deliver threat data in a format appropriate for each group. 2. Build an Infrastructure
  • 5. 5 ▪ Threat intelligence teams must know what the business identifies as levers of profitability to prioritize the identification and dissection of threat events and sources. ▪ Protecting strategic assets is the first priority, and defensive controls need to be managed as threats emerge. ▪ Threat analysts must be able to identify such things as general industry threats, trends, attacker TTPs, and commodity malware. 3. Business Profitability
  • 6. 6 ▪ To effectively set goals, executives should have insight into current and future threats. ▪ Executives need to hear from the threat intelligence team about how some threats translate to risk, and then learn how the risk of those threats can be mitigated. ▪ Organizational threats will always exist, and it’s up to the business to decide its risk tolerance. 4. Continuous Communication
  • 7. 7 Takeaway With these four pillars in mind, organizations can run an effective threat intelligence team which contributes to business success. People and tools are important parts of the process, but equally important are cross-functional collaboration and communication.
  • 8. 8