In this final part of the CSO Series, we will describe how successful TI Programs can fully deliver on reducing risk in organizations. What does success look like for an effective TI Program when it is fully integrated into organizations security framework.
Thursday, August 24, 2017 | 2PM EDT
This series will describe a comprehensive “business technical approach” to the justification, definition, design, and execution of Threat Intelligence Programs.
What do we mean by ‘business technical approach’ to Threat Intelligence (TI)?
Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, and a threat actor’s tactics, techniques, and procedures. But much of the technically focused content does not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching them how to fish for themselves.
A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.
In this series, you will learn:
- Justification and Impact of Threat Intelligence on Business Functions
- Hiring, Skills, and Managing TI teams
- Key roles & functions within TI teams
- Defining the TI end-to-end process that works in every environment
- Identifying the tools necessary to support the TI program
- Ensuring Metrics & Reporting to drive TI program effectiveness and efficiency
We wrap the series with a real-world use case that highlights all of these aspects coming together to deliver a fully automated threat intelligence capability protecting an organization from botnets.