Resources

With Part 2, we introduced the overall vision of a successful TI Program. In this webinar, we dig into the key elements of the TI program with concrete examples, and key components of the program that must exist including the right team, process, tools, metrics and connections.


Wednesday, July 19, 2017 | 2PM EDT

This series will describe a comprehensive “business technical approach” to the justification, definition, design, and execution of Threat Intelligence Programs.

What do we mean by ‘business technical approach’ to Threat Intelligence (TI)?

Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, and a threat actor’s tactics, techniques, and procedures. But much of the technically focused content does not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching them how to fish for themselves.

A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.

In this series, you will learn:

  • Justification and Impact of Threat Intelligence on Business Functions
  • Hiring, Skills, and Managing TI teams
  • Key roles & functions within TI teams
  • Defining the TI end-to-end process that works in every environment
  • Identifying the tools necessary to support the TI program
  • Ensuring Metrics & Reporting to drive TI program effectiveness and efficiency

We wrap the series with a real-world use case that highlights all of these aspects coming together to deliver a fully automated threat intelligence capability protecting an organization from botnets.