SlideShare a Scribd company logo

The Business Benefits of Threat Intelligence Webinar

Download as PPTX, PDF
ThreatConnect
ThreatConnect

The Businees Benefits of Threat Intelligence Take 30 minutes of your time to hear Cyber Squared Inc. CEO Adam Vincent review the need for businesses to evaluate the cost of a sophisticated threat intelligence program. Learn more about the ROI calculator that evaluates cost/benefits of threat intelligence investments and offers quantifiable financial benefits and use-cases to demonstrate the overall costs associated with data breaches, and how using threat intelligence can decrease those costs and make existing staff more efficient. Watch the full webinar here: https://attendee.gotowebinar.com/recording/7218699913172089858

Technology
1 of 18
1© Cyber Squared Inc. 2014 THE BUSINESS BENEFITS OF THREAT INTELLIGENCE 3-12-2014
2© Cyber Squared Inc. 2014 WHO AM I? • CEO of Cyber Squared Inc., the company behind ThreatConnectTM. • Founding member of the company, started in 2011. • Experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security.
3© Cyber Squared Inc. 2014 AGENDA • Background • Defining ROI for Threat Intelligence • Making Assumptions Up Front • Modeling Your Expectations • Measuring the Reality • Taking Action
4© Cyber Squared Inc. 2014 WHAT MAKES GOOD THREAT INTELLIGENCE? Aggregate Analyze ActLifecycle • Accurate • Aligned with your requirements • Integrated • Predictive • Relevant • Tailored • Timely Source: Rick Holland (Principal Forrester Analyst) Blog Post Titled “Actionable Intelligence, Meet Terry Tate, Office Linebacker” Attributes to Measure Threat Intelligence:
5© Cyber Squared Inc. 2014 BUSINESS NEED ERP/Manufacturing 2015 1980’s Every other part of the business has evolved to necessitate a platform to increase productivity and measure effectiveness. It’s your turn! Enterprise Security Support/Helpdesk CRM/Sales Finance/HR Marketing
6© Cyber Squared Inc. 2014 CONNECTED COLLABORATION SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO Intelligence Sources Commercial Open Source Communities Sharing Internal Actionable Integrations SIEM IPS/IDS, Firewalls Gateways Endpoint, Response DLP, NAV
7© Cyber Squared Inc. 2014 TM FORUM CATALYST PHASE 2 • Going beyond: “This Threat Intelligence stuff is a great idea!”: • AT&T, Bell Canada, Birmingham City University, cVidya, ThreatConnect, Edge Technologies, EMC/RSA, MITRE, Orange, Security Fabric Alliance, Symantec, Telecom New Zealand, Telstra, and the UK MOD’s Defence Science and Technology Laboratory (DSTL). • TM Forum Sharing Threat Intelligence Catalyst Phase 2 • Phase 1: Sharing Threat Intelligence Architecture & Whitepaper • Phase 2: Defined Security Personnel Personas • Phase 2: Produced Threat Intelligence ROI Calculator • Phase 2: Demonstration showing successful implementation of Threat Intelligence sharing in support of a sophisticated Distributed Denial of Service (DDoS) use case.
8© Cyber Squared Inc. 2014 ROI OF THREAT INTELLIGENCE CostSecurity Investment Threat Intelligence Knowledge Assumptions Existing Automate Collaborate + =
9© Cyber Squared Inc. 2014 FIND MORE THREATS, FASTER 4x/Day 1x/Day 4x/Day 5x/Day 100x/Day Threat Discovery and Focused Pursuit Activities Time Comparison: with and without TI Spearphish Email Analysis and Conviction Malware Correlation with past targeting Analyze, Correlate, Database New Domains, IP Addresses, Registrant Info Track Malicious Domains, IP addresses, Registrant Info Analyst IR and Threat Correlation Tasks
10© Cyber Squared Inc. 2014 SECURITY PROCESSES • Calculator Example: 8 Step Incident Response Process: • Identify the Intrusion • Step 1: Create and task defensive signatures • Step 2: Maintain awareness of adversary changes to Threat Activity/Infrastructure • Scope the Intrusion • Step 3: Perform exploit/malware analysis • Step 4: Update signature base • Step 5: Link activity to any known groups of related activity • Mitigate/Step the Intrusion • Step 6: Take action to cut off intruder access to the network • Step 7: Monitor for changes in Threat Activity • Strategically React to Threats • Step 8: Generate reports on Threat trends for executives
11© Cyber Squared Inc. 2014 USER TYPES SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO
12© Cyber Squared Inc. 2014 THREAT INTELLIGENCE PERSONAS Name: Joe Role: Security Executive Motivation /Problem  My company is at risk and we need to be keeping up with threat trends  Other executives I know in my industry are being / have been targeted Identified Four Main Categories of Users: Threat Intelligence, Security Operations, Business Executives, and IT Leadership/Staff Name: Peter Role: IT Operations  I need to protect my assets  My company is at risk and we need to be keeping up with threats to my business operations Name: Jane Role: Threat Analyst  I need to make my threat analysis faster, easier, a nd more thorough without spending more money and time Name: Jack Role: Security Operations  My company and/or industry is likely being targeted  I need to protect corporate data but don’t have the resources internally or don’t know where to start
13© Cyber Squared Inc. 2014 ASSUMPTIONS • Process Assumptions: • Persona Costs – What is the hourly cost per Persona? • Steps – What are steps of the security process? • Personas Involved – Who are the actors of the process? • Knowledge Assumptions (Defined Per Process Step): • Existing – How likely is it that you will find knowledge in a finished state when you need it? • Automation – How much efficiency is gained via automation? • Collaboration – What is the efficiency gained by working with others? • Cost Assumptions: • Incidents per Year – How many events will you have that require process? • Average Cost of an Intrusion – What is the average cost of an intrusion?
14© Cyber Squared Inc. 2014 MODELING Hourly Cost per Persona Existing Automation Collaboration Make Assumptions Potential Cost of Compromise Model & Measure V1.0 contributed to TM Forum for incorporation to Fx13.5 release
15© Cyber Squared Inc. 2014 RESULTS (FROM SAMPLE) Measurement Topics Type Value Time Commitment to understand Threat to business operations Hours 200 Lower Costs to obtain a larger understanding of the threat $$ Savings $33,450 Obtain insights that would not be otherwise obvious (from existing knowledge) Insights 37% Increase Automation to increase efficiencies Efficiency 45% Increase insights due to collaboration Additional Insights 2% Total Efficiencies from applying CTI Total Efficiency/Insights 84% Number of Incidents per Year 5 Projected Annual Cost without CTI $199,000 Projected Annual Cost with CTI $31,750 Projected Annual Savings $167,250 Savings Percentage 84%
16© Cyber Squared Inc. 2014 Prioritize Plan TAKING ACTION Defend LearnUnderstand Threats to your Organization
17© Cyber Squared Inc. 2014 TAKE AWAY • You don’t have a choice • Cyber Threat Intelligence starts with understanding “Your Needs” • Sharing is a new paradigm in cyber security • This calculator helps you measure something that historically has not been measured • We would love to help you customize the calculator to quantify your own cyber threat sharing needs and efforts
18© Cyber Squared Inc. 2014 THANK YOU & QUESTIONS Download the Threat Intelligence Sharing ROI Calculator from: http://bit.ly/threatcalc Adam Vincent, CEO, avincent@cybersquared.com Visit www.ThreatConnect.com for more information.

Recommended

Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceThreatConnect
 
The Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThe Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThreatConnect
 
Maltego Webinar Slides
Maltego Webinar SlidesMaltego Webinar Slides
Maltego Webinar SlidesThreatConnect
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat IntelligenceSirius
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsMark Arena
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinarThreatConnect
 

Recommended

Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceThreatConnect
 
The Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThe Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThreatConnect
 
Maltego Webinar Slides
Maltego Webinar SlidesMaltego Webinar Slides
Maltego Webinar SlidesThreatConnect
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat IntelligenceSirius
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsMark Arena
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinarThreatConnect
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
The Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemThe Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemNiran Seriki, CCISO, CISM
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeMeet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeDragos, Inc.
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceAndreas Sfakianakis
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementPriyanka Aash
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Puneet Kukreja
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghOWASP Delhi
 
Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Roy Ramkrishna
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence WorkshopPriyanka Aash
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsRahul Neel Mani
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksThreatConnect
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...AlienVault
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat IntelligenceOWASP Delhi
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 
Informatica deber
Informatica deberInformatica deber
Informatica deberComunicador Sigsipamba Benavides
 
Melhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliárioMelhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliáriocorretor_global
 

More Related Content

What's hot

Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
The Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemThe Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemNiran Seriki, CCISO, CISM
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeMeet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeDragos, Inc.
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceAndreas Sfakianakis
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementPriyanka Aash
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Puneet Kukreja
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghOWASP Delhi
 
Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Roy Ramkrishna
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence WorkshopPriyanka Aash
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsRahul Neel Mani
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksThreatConnect
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...AlienVault
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat IntelligenceOWASP Delhi
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 

What's hot (20)

Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
The Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemThe Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering System
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in security
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeMeet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat Intelligence
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk Management
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
 
Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence Workshop
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty Training
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk Programs
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with Playbooks
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat Intelligence
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
 

Viewers also liked

Melhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliárioMelhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliáriocorretor_global
 
Developing Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGapDeveloping Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGapWorklight
 
Navegadores de internet
Navegadores de internetNavegadores de internet
Navegadores de internetHenry Yu
 
ALMSecret layoutsRAG
ALMSecret layoutsRAGALMSecret layoutsRAG
ALMSecret layoutsRAGVan Howell
 
Proposal for a new park
Proposal for a new parkProposal for a new park
Proposal for a new parkDavid Dhose
 
Bingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartonesBingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartonesImma Clua
 
Deber primero derecho a
Deber primero derecho aDeber primero derecho a
Deber primero derecho adarmarce17
 
Advances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery MethodsAdvances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery MethodsThermo Fisher Scientific
 
Bulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones finalBulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones finalDominic D'Agostino
 
Asynchronous Programming in Android
Asynchronous Programming in AndroidAsynchronous Programming in Android
Asynchronous Programming in AndroidJohn Pendexter
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security IntelligenceSplunk
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPRafal Gancarz
 

Viewers also liked (18)

Informatica deber
Informatica deberInformatica deber
Informatica deber
 
Melhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliárioMelhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliário
 
Developing Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGapDeveloping Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGap
 
Navegadores de internet
Navegadores de internetNavegadores de internet
Navegadores de internet
 
ALMSecret layoutsRAG
ALMSecret layoutsRAGALMSecret layoutsRAG
ALMSecret layoutsRAG
 
Proposal for a new park
Proposal for a new parkProposal for a new park
Proposal for a new park
 
Bingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartonesBingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartones
 
Deber primero derecho a
Deber primero derecho aDeber primero derecho a
Deber primero derecho a
 
Advances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery MethodsAdvances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery Methods
 
Bulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones finalBulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones final
 
Asynchronous Programming in Android
Asynchronous Programming in AndroidAsynchronous Programming in Android
Asynchronous Programming in Android
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security Intelligence
 
WIHP: Meta Search Advertising
WIHP: Meta Search AdvertisingWIHP: Meta Search Advertising
WIHP: Meta Search Advertising
 
Smart taxis for smart cities
Smart taxis for smart citiesSmart taxis for smart cities
Smart taxis for smart cities
 
Introducción a UML
Introducción a UMLIntroducción a UML
Introducción a UML
 
RxSwift x Realm
RxSwift x RealmRxSwift x Realm
RxSwift x Realm
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
 
130910 kihare
130910 kihare130910 kihare
130910 kihare
 

Similar to The Business Benefits of Threat Intelligence Webinar

Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application SecurityTy Sbano
 
Identity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementIdentity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementProlifics
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Accounting_Whitepapers
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfHow Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfEnterprise Insider
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Emrah Alpa, CISSP CEH CCSK
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarEmpired
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityRahul Tyagi
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to CyberthreatsIBM Security
 
Quantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataQuantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataSteven Schwartz
 
INFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics securityINFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics securityJoel Cardella
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionIvanti
 

Similar to The Business Benefits of Threat Intelligence Webinar (20)

Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacks
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application Security
 
"Navigate the MDR Marketplace Like a Pro!"
"Navigate the MDR Marketplace Like a Pro!" "Navigate the MDR Marketplace Like a Pro!"
"Navigate the MDR Marketplace Like a Pro!"
 
Identity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementIdentity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access Management
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
 
Secure Iowa Oct 2016
Secure Iowa Oct 2016Secure Iowa Oct 2016
Secure Iowa Oct 2016
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfHow Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe Security
 
Cyber security infotech profile
Cyber security infotech profileCyber security infotech profile
Cyber security infotech profile
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
 
Quantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataQuantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal Data
 
INFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics securityINFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics security
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital Presence
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
 

More from ThreatConnect

Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017ThreatConnect
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectThreatConnect
 
Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?ThreatConnect
 
Threat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a DestinationThreat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a DestinationThreatConnect
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New ScopeThreatConnect
 
Open Source Malware Lab
Open Source Malware LabOpen Source Malware Lab
Open Source Malware LabThreatConnect
 
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...ThreatConnect
 
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!ThreatConnect
 

More from ThreatConnect (8)

Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnect
 
Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?
 
Threat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a DestinationThreat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a Destination
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New Scope
 
Open Source Malware Lab
Open Source Malware LabOpen Source Malware Lab
Open Source Malware Lab
 
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
 
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
 

Recently uploaded

How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Recently uploaded (20)

How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

The Business Benefits of Threat Intelligence Webinar

  • 1. 1© Cyber Squared Inc. 2014 THE BUSINESS BENEFITS OF THREAT INTELLIGENCE 3-12-2014
  • 2. 2© Cyber Squared Inc. 2014 WHO AM I? • CEO of Cyber Squared Inc., the company behind ThreatConnectTM. • Founding member of the company, started in 2011. • Experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security.
  • 3. 3© Cyber Squared Inc. 2014 AGENDA • Background • Defining ROI for Threat Intelligence • Making Assumptions Up Front • Modeling Your Expectations • Measuring the Reality • Taking Action
  • 4. 4© Cyber Squared Inc. 2014 WHAT MAKES GOOD THREAT INTELLIGENCE? Aggregate Analyze ActLifecycle • Accurate • Aligned with your requirements • Integrated • Predictive • Relevant • Tailored • Timely Source: Rick Holland (Principal Forrester Analyst) Blog Post Titled “Actionable Intelligence, Meet Terry Tate, Office Linebacker” Attributes to Measure Threat Intelligence:
  • 5. 5© Cyber Squared Inc. 2014 BUSINESS NEED ERP/Manufacturing 2015 1980’s Every other part of the business has evolved to necessitate a platform to increase productivity and measure effectiveness. It’s your turn! Enterprise Security Support/Helpdesk CRM/Sales Finance/HR Marketing
  • 6. 6© Cyber Squared Inc. 2014 CONNECTED COLLABORATION SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO Intelligence Sources Commercial Open Source Communities Sharing Internal Actionable Integrations SIEM IPS/IDS, Firewalls Gateways Endpoint, Response DLP, NAV
  • 7. 7© Cyber Squared Inc. 2014 TM FORUM CATALYST PHASE 2 • Going beyond: “This Threat Intelligence stuff is a great idea!”: • AT&T, Bell Canada, Birmingham City University, cVidya, ThreatConnect, Edge Technologies, EMC/RSA, MITRE, Orange, Security Fabric Alliance, Symantec, Telecom New Zealand, Telstra, and the UK MOD’s Defence Science and Technology Laboratory (DSTL). • TM Forum Sharing Threat Intelligence Catalyst Phase 2 • Phase 1: Sharing Threat Intelligence Architecture & Whitepaper • Phase 2: Defined Security Personnel Personas • Phase 2: Produced Threat Intelligence ROI Calculator • Phase 2: Demonstration showing successful implementation of Threat Intelligence sharing in support of a sophisticated Distributed Denial of Service (DDoS) use case.
  • 8. 8© Cyber Squared Inc. 2014 ROI OF THREAT INTELLIGENCE CostSecurity Investment Threat Intelligence Knowledge Assumptions Existing Automate Collaborate + =
  • 9. 9© Cyber Squared Inc. 2014 FIND MORE THREATS, FASTER 4x/Day 1x/Day 4x/Day 5x/Day 100x/Day Threat Discovery and Focused Pursuit Activities Time Comparison: with and without TI Spearphish Email Analysis and Conviction Malware Correlation with past targeting Analyze, Correlate, Database New Domains, IP Addresses, Registrant Info Track Malicious Domains, IP addresses, Registrant Info Analyst IR and Threat Correlation Tasks
  • 10. 10© Cyber Squared Inc. 2014 SECURITY PROCESSES • Calculator Example: 8 Step Incident Response Process: • Identify the Intrusion • Step 1: Create and task defensive signatures • Step 2: Maintain awareness of adversary changes to Threat Activity/Infrastructure • Scope the Intrusion • Step 3: Perform exploit/malware analysis • Step 4: Update signature base • Step 5: Link activity to any known groups of related activity • Mitigate/Step the Intrusion • Step 6: Take action to cut off intruder access to the network • Step 7: Monitor for changes in Threat Activity • Strategically React to Threats • Step 8: Generate reports on Threat trends for executives
  • 11. 11© Cyber Squared Inc. 2014 USER TYPES SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO
  • 12. 12© Cyber Squared Inc. 2014 THREAT INTELLIGENCE PERSONAS Name: Joe Role: Security Executive Motivation /Problem  My company is at risk and we need to be keeping up with threat trends  Other executives I know in my industry are being / have been targeted Identified Four Main Categories of Users: Threat Intelligence, Security Operations, Business Executives, and IT Leadership/Staff Name: Peter Role: IT Operations  I need to protect my assets  My company is at risk and we need to be keeping up with threats to my business operations Name: Jane Role: Threat Analyst  I need to make my threat analysis faster, easier, a nd more thorough without spending more money and time Name: Jack Role: Security Operations  My company and/or industry is likely being targeted  I need to protect corporate data but don’t have the resources internally or don’t know where to start
  • 13. 13© Cyber Squared Inc. 2014 ASSUMPTIONS • Process Assumptions: • Persona Costs – What is the hourly cost per Persona? • Steps – What are steps of the security process? • Personas Involved – Who are the actors of the process? • Knowledge Assumptions (Defined Per Process Step): • Existing – How likely is it that you will find knowledge in a finished state when you need it? • Automation – How much efficiency is gained via automation? • Collaboration – What is the efficiency gained by working with others? • Cost Assumptions: • Incidents per Year – How many events will you have that require process? • Average Cost of an Intrusion – What is the average cost of an intrusion?
  • 14. 14© Cyber Squared Inc. 2014 MODELING Hourly Cost per Persona Existing Automation Collaboration Make Assumptions Potential Cost of Compromise Model & Measure V1.0 contributed to TM Forum for incorporation to Fx13.5 release
  • 15. 15© Cyber Squared Inc. 2014 RESULTS (FROM SAMPLE) Measurement Topics Type Value Time Commitment to understand Threat to business operations Hours 200 Lower Costs to obtain a larger understanding of the threat $$ Savings $33,450 Obtain insights that would not be otherwise obvious (from existing knowledge) Insights 37% Increase Automation to increase efficiencies Efficiency 45% Increase insights due to collaboration Additional Insights 2% Total Efficiencies from applying CTI Total Efficiency/Insights 84% Number of Incidents per Year 5 Projected Annual Cost without CTI $199,000 Projected Annual Cost with CTI $31,750 Projected Annual Savings $167,250 Savings Percentage 84%
  • 16. 16© Cyber Squared Inc. 2014 Prioritize Plan TAKING ACTION Defend LearnUnderstand Threats to your Organization
  • 17. 17© Cyber Squared Inc. 2014 TAKE AWAY • You don’t have a choice • Cyber Threat Intelligence starts with understanding “Your Needs” • Sharing is a new paradigm in cyber security • This calculator helps you measure something that historically has not been measured • We would love to help you customize the calculator to quantify your own cyber threat sharing needs and efforts
  • 18. 18© Cyber Squared Inc. 2014 THANK YOU & QUESTIONS Download the Threat Intelligence Sharing ROI Calculator from: http://bit.ly/threatcalc Adam Vincent, CEO, avincent@cybersquared.com Visit www.ThreatConnect.com for more information.