Threat intelligence is a broad topic that can solve many issues for organizations. This presentation introduces how threat intelligence can be applied across cyber, brand, physical, executive assessment, compliance and legal areas providing attendees with an introduction to insights on how to justify and build a threat intelligence program. We will also cover the key elements of TI programs including
- Assessment and requirements
- Selecting or hiring the team
- Defining team roles and functions necessary across TI programs
- Defining the key processes for TI programs including example workflows that work best across cyber, brand, phishing and social media TI monitoring
- Defining what tools (categories and functions) are necessary for TI programs
- Defining metrics and reporting that most TI programs require
- Defining connections and external relationships for TI to succeed
Finally, we show an end-to-end use case that provides a complete success story.
- Key elements of threat intelligence programs
- Threat intelligence lifecycle (from requirements to actionable mitigation)
- Practical threat intelligence use cases and examples
About Allan Thomson
As LookingGlass CTO, Allan Thomson has significant experience across network, security and distributed systems technologies. Thomson leads technical strategy, architecture and product development across all LookingGlass threat defense product lines including threat intelligence platforms and threat mitigation platforms.
He is also a co-chair of OASIS STIX/TAXII Cyber Threat Intelligence Interoperability sub-committee and recognized as OASIS Distinguished Contributor in 2017.
Prior to LookingGlass, Thomson served as principal engineer at Cisco Systems, Inc., where he led the software architecture and design of the company’s cyber threat defense system and platform exchange grid. He was responsible for overall systems management and security telemetry collection/aggregation and distributed threat analysis/intelligence services in multi-tenant public and private cloud deployments.