SlideShare a Scribd company logo

The Business Benefits of Threat Intelligence Webinar

Download as PPTX, PDF
ThreatConnect
ThreatConnect

The Businees Benefits of Threat Intelligence Take 30 minutes of your time to hear Cyber Squared Inc. CEO Adam Vincent review the need for businesses to evaluate the cost of a sophisticated threat intelligence program. Learn more about the ROI calculator that evaluates cost/benefits of threat intelligence investments and offers quantifiable financial benefits and use-cases to demonstrate the overall costs associated with data breaches, and how using threat intelligence can decrease those costs and make existing staff more efficient. Watch the full webinar here: https://attendee.gotowebinar.com/recording/7218699913172089858

Technology
1 of 18
1© Cyber Squared Inc. 2014 THE BUSINESS BENEFITS OF THREAT INTELLIGENCE 3-12-2014
2© Cyber Squared Inc. 2014 WHO AM I? • CEO of Cyber Squared Inc., the company behind ThreatConnectTM. • Founding member of the company, started in 2011. • Experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security.
3© Cyber Squared Inc. 2014 AGENDA • Background • Defining ROI for Threat Intelligence • Making Assumptions Up Front • Modeling Your Expectations • Measuring the Reality • Taking Action
4© Cyber Squared Inc. 2014 WHAT MAKES GOOD THREAT INTELLIGENCE? Aggregate Analyze ActLifecycle • Accurate • Aligned with your requirements • Integrated • Predictive • Relevant • Tailored • Timely Source: Rick Holland (Principal Forrester Analyst) Blog Post Titled “Actionable Intelligence, Meet Terry Tate, Office Linebacker” Attributes to Measure Threat Intelligence:
5© Cyber Squared Inc. 2014 BUSINESS NEED ERP/Manufacturing 2015 1980’s Every other part of the business has evolved to necessitate a platform to increase productivity and measure effectiveness. It’s your turn! Enterprise Security Support/Helpdesk CRM/Sales Finance/HR Marketing
6© Cyber Squared Inc. 2014 CONNECTED COLLABORATION SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO Intelligence Sources Commercial Open Source Communities Sharing Internal Actionable Integrations SIEM IPS/IDS, Firewalls Gateways Endpoint, Response DLP, NAV
7© Cyber Squared Inc. 2014 TM FORUM CATALYST PHASE 2 • Going beyond: “This Threat Intelligence stuff is a great idea!”: • AT&T, Bell Canada, Birmingham City University, cVidya, ThreatConnect, Edge Technologies, EMC/RSA, MITRE, Orange, Security Fabric Alliance, Symantec, Telecom New Zealand, Telstra, and the UK MOD’s Defence Science and Technology Laboratory (DSTL). • TM Forum Sharing Threat Intelligence Catalyst Phase 2 • Phase 1: Sharing Threat Intelligence Architecture & Whitepaper • Phase 2: Defined Security Personnel Personas • Phase 2: Produced Threat Intelligence ROI Calculator • Phase 2: Demonstration showing successful implementation of Threat Intelligence sharing in support of a sophisticated Distributed Denial of Service (DDoS) use case.
8© Cyber Squared Inc. 2014 ROI OF THREAT INTELLIGENCE CostSecurity Investment Threat Intelligence Knowledge Assumptions Existing Automate Collaborate + =
9© Cyber Squared Inc. 2014 FIND MORE THREATS, FASTER 4x/Day 1x/Day 4x/Day 5x/Day 100x/Day Threat Discovery and Focused Pursuit Activities Time Comparison: with and without TI Spearphish Email Analysis and Conviction Malware Correlation with past targeting Analyze, Correlate, Database New Domains, IP Addresses, Registrant Info Track Malicious Domains, IP addresses, Registrant Info Analyst IR and Threat Correlation Tasks
10© Cyber Squared Inc. 2014 SECURITY PROCESSES • Calculator Example: 8 Step Incident Response Process: • Identify the Intrusion • Step 1: Create and task defensive signatures • Step 2: Maintain awareness of adversary changes to Threat Activity/Infrastructure • Scope the Intrusion • Step 3: Perform exploit/malware analysis • Step 4: Update signature base • Step 5: Link activity to any known groups of related activity • Mitigate/Step the Intrusion • Step 6: Take action to cut off intruder access to the network • Step 7: Monitor for changes in Threat Activity • Strategically React to Threats • Step 8: Generate reports on Threat trends for executives
11© Cyber Squared Inc. 2014 USER TYPES SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO
12© Cyber Squared Inc. 2014 THREAT INTELLIGENCE PERSONAS Name: Joe Role: Security Executive Motivation /Problem  My company is at risk and we need to be keeping up with threat trends  Other executives I know in my industry are being / have been targeted Identified Four Main Categories of Users: Threat Intelligence, Security Operations, Business Executives, and IT Leadership/Staff Name: Peter Role: IT Operations  I need to protect my assets  My company is at risk and we need to be keeping up with threats to my business operations Name: Jane Role: Threat Analyst  I need to make my threat analysis faster, easier, a nd more thorough without spending more money and time Name: Jack Role: Security Operations  My company and/or industry is likely being targeted  I need to protect corporate data but don’t have the resources internally or don’t know where to start
13© Cyber Squared Inc. 2014 ASSUMPTIONS • Process Assumptions: • Persona Costs – What is the hourly cost per Persona? • Steps – What are steps of the security process? • Personas Involved – Who are the actors of the process? • Knowledge Assumptions (Defined Per Process Step): • Existing – How likely is it that you will find knowledge in a finished state when you need it? • Automation – How much efficiency is gained via automation? • Collaboration – What is the efficiency gained by working with others? • Cost Assumptions: • Incidents per Year – How many events will you have that require process? • Average Cost of an Intrusion – What is the average cost of an intrusion?
14© Cyber Squared Inc. 2014 MODELING Hourly Cost per Persona Existing Automation Collaboration Make Assumptions Potential Cost of Compromise Model & Measure V1.0 contributed to TM Forum for incorporation to Fx13.5 release
15© Cyber Squared Inc. 2014 RESULTS (FROM SAMPLE) Measurement Topics Type Value Time Commitment to understand Threat to business operations Hours 200 Lower Costs to obtain a larger understanding of the threat $$ Savings $33,450 Obtain insights that would not be otherwise obvious (from existing knowledge) Insights 37% Increase Automation to increase efficiencies Efficiency 45% Increase insights due to collaboration Additional Insights 2% Total Efficiencies from applying CTI Total Efficiency/Insights 84% Number of Incidents per Year 5 Projected Annual Cost without CTI $199,000 Projected Annual Cost with CTI $31,750 Projected Annual Savings $167,250 Savings Percentage 84%
16© Cyber Squared Inc. 2014 Prioritize Plan TAKING ACTION Defend LearnUnderstand Threats to your Organization
17© Cyber Squared Inc. 2014 TAKE AWAY • You don’t have a choice • Cyber Threat Intelligence starts with understanding “Your Needs” • Sharing is a new paradigm in cyber security • This calculator helps you measure something that historically has not been measured • We would love to help you customize the calculator to quantify your own cyber threat sharing needs and efforts
18© Cyber Squared Inc. 2014 THANK YOU & QUESTIONS Download the Threat Intelligence Sharing ROI Calculator from: http://bit.ly/threatcalc Adam Vincent, CEO, avincent@cybersquared.com Visit www.ThreatConnect.com for more information.

Recommended

Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceThreatConnect
 
The Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThe Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThreatConnect
 
Maltego Webinar Slides
Maltego Webinar SlidesMaltego Webinar Slides
Maltego Webinar SlidesThreatConnect
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat IntelligenceSirius
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsMark Arena
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinarThreatConnect
 

Recommended

Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceThreatConnect
 
The Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThe Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThreatConnect
 
Maltego Webinar Slides
Maltego Webinar SlidesMaltego Webinar Slides
Maltego Webinar SlidesThreatConnect
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat IntelligenceSirius
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsMark Arena
 
Intelligence driven defense webinar
Intelligence driven defense webinarIntelligence driven defense webinar
Intelligence driven defense webinarThreatConnect
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
The Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemThe Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemNiran Seriki, CCISO, CISM
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeMeet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeDragos, Inc.
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceAndreas Sfakianakis
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementPriyanka Aash
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Puneet Kukreja
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghOWASP Delhi
 
Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Roy Ramkrishna
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence WorkshopPriyanka Aash
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsRahul Neel Mani
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksThreatConnect
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...AlienVault
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat IntelligenceOWASP Delhi
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 
Informatica deber
Informatica deberInformatica deber
Informatica deberComunicador Sigsipamba Benavides
 
Melhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliárioMelhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliáriocorretor_global
 

More Related Content

What's hot

Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
The Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemThe Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemNiran Seriki, CCISO, CISM
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in securityOsama Ellahi
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeMeet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeDragos, Inc.
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceAndreas Sfakianakis
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementPriyanka Aash
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Puneet Kukreja
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghOWASP Delhi
 
Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Roy Ramkrishna
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence WorkshopPriyanka Aash
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsRahul Neel Mani
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksThreatConnect
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...AlienVault
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat IntelligenceOWASP Delhi
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 

What's hot (20)

Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
The Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering SystemThe Making of a simple Cyber Threat Intelligence Gathering System
The Making of a simple Cyber Threat Intelligence Gathering System
 
Threat intelligence in security
Threat intelligence in securityThreat intelligence in security
Threat intelligence in security
 
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and PracticeMeet Me in the Middle: Threat Indications and Warning in Principle and Practice
Meet Me in the Middle: Threat Indications and Warning in Principle and Practice
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat Intelligence
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK FrameworkOutpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk Management
 
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
Session 7.3 Implementing threat intelligence systems - Moving from chaos to s...
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
 
Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence Workshop
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty Training
 
Threat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk ProgramsThreat Intelligence in Cyber Risk Programs
Threat Intelligence in Cyber Risk Programs
 
Save Time and Act Faster with Playbooks
Save Time and Act Faster with PlaybooksSave Time and Act Faster with Playbooks
Save Time and Act Faster with Playbooks
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat Intelligence
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
 

Viewers also liked

Melhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliárioMelhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliáriocorretor_global
 
Developing Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGapDeveloping Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGapWorklight
 
Navegadores de internet
Navegadores de internetNavegadores de internet
Navegadores de internetHenry Yu
 
ALMSecret layoutsRAG
ALMSecret layoutsRAGALMSecret layoutsRAG
ALMSecret layoutsRAGVan Howell
 
Proposal for a new park
Proposal for a new parkProposal for a new park
Proposal for a new parkDavid Dhose
 
Bingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartonesBingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartonesImma Clua
 
Deber primero derecho a
Deber primero derecho aDeber primero derecho a
Deber primero derecho adarmarce17
 
Advances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery MethodsAdvances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery MethodsThermo Fisher Scientific
 
Bulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones finalBulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones finalDominic D'Agostino
 
Asynchronous Programming in Android
Asynchronous Programming in AndroidAsynchronous Programming in Android
Asynchronous Programming in AndroidJohn Pendexter
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security IntelligenceSplunk
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPRafal Gancarz
 

Viewers also liked (18)

Informatica deber
Informatica deberInformatica deber
Informatica deber
 
Melhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliárioMelhores práticas no uso de redes sociais para o mercado imobiliário
Melhores práticas no uso de redes sociais para o mercado imobiliário
 
Developing Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGapDeveloping Downloadable Mobile Apps Using HTML5 and PhoneGap
Developing Downloadable Mobile Apps Using HTML5 and PhoneGap
 
Navegadores de internet
Navegadores de internetNavegadores de internet
Navegadores de internet
 
ALMSecret layoutsRAG
ALMSecret layoutsRAGALMSecret layoutsRAG
ALMSecret layoutsRAG
 
Proposal for a new park
Proposal for a new parkProposal for a new park
Proposal for a new park
 
Bingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartonesBingo sinfones fr_3x3_3_cartones
Bingo sinfones fr_3x3_3_cartones
 
Deber primero derecho a
Deber primero derecho aDeber primero derecho a
Deber primero derecho a
 
Advances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery MethodsAdvances in Breast Tumor Biomarker Discovery Methods
Advances in Breast Tumor Biomarker Discovery Methods
 
Bulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones finalBulletproof conf 2014 dominic d agostino ketones final
Bulletproof conf 2014 dominic d agostino ketones final
 
Asynchronous Programming in Android
Asynchronous Programming in AndroidAsynchronous Programming in Android
Asynchronous Programming in Android
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security Intelligence
 
WIHP: Meta Search Advertising
WIHP: Meta Search AdvertisingWIHP: Meta Search Advertising
WIHP: Meta Search Advertising
 
Smart taxis for smart cities
Smart taxis for smart citiesSmart taxis for smart cities
Smart taxis for smart cities
 
Introducción a UML
Introducción a UMLIntroducción a UML
Introducción a UML
 
RxSwift x Realm
RxSwift x RealmRxSwift x Realm
RxSwift x Realm
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
 
130910 kihare
130910 kihare130910 kihare
130910 kihare
 

Similar to The Business Benefits of Threat Intelligence Webinar

Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application SecurityTy Sbano
 
Identity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementIdentity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementProlifics
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Accounting_Whitepapers
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfHow Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfEnterprise Insider
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Emrah Alpa, CISSP CEH CCSK
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarEmpired
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityRahul Tyagi
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to CyberthreatsIBM Security
 
Quantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataQuantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataSteven Schwartz
 
INFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics securityINFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics securityJoel Cardella
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionIvanti
 

Similar to The Business Benefits of Threat Intelligence Webinar (20)

Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacks
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application Security
 
"Navigate the MDR Marketplace Like a Pro!"
"Navigate the MDR Marketplace Like a Pro!" "Navigate the MDR Marketplace Like a Pro!"
"Navigate the MDR Marketplace Like a Pro!"
 
Identity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementIdentity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access Management
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
 
Secure Iowa Oct 2016
Secure Iowa Oct 2016Secure Iowa Oct 2016
Secure Iowa Oct 2016
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdfHow Enterprises Can Strengthen Their Threat Detection and Response.pdf
How Enterprises Can Strengthen Their Threat Detection and Response.pdf
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe Security
 
Cyber security infotech profile
Cyber security infotech profileCyber security infotech profile
Cyber security infotech profile
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
 
Quantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal DataQuantifying Cyber Risk, Insurance and The Value of Personal Data
Quantifying Cyber Risk, Insurance and The Value of Personal Data
 
INFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics securityINFRAGARD 2014: Back to basics security
INFRAGARD 2014: Back to basics security
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital Presence
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
 

More from ThreatConnect

Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017ThreatConnect
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectThreatConnect
 
Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?ThreatConnect
 
Threat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a DestinationThreat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a DestinationThreatConnect
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New ScopeThreatConnect
 
Open Source Malware Lab
Open Source Malware LabOpen Source Malware Lab
Open Source Malware LabThreatConnect
 
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...ThreatConnect
 
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!ThreatConnect
 

More from ThreatConnect (8)

Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017Advanced Threat Hunting - BotConf 2017
Advanced Threat Hunting - BotConf 2017
 
Managing Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnectManaging Indicator Deprecation in ThreatConnect
Managing Indicator Deprecation in ThreatConnect
 
Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?Does a Bear Leak in the Woods?
Does a Bear Leak in the Woods?
 
Threat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a DestinationThreat Intelligence is a Journey; Not a Destination
Threat Intelligence is a Journey; Not a Destination
 
Episode IV: A New Scope
Episode IV: A New ScopeEpisode IV: A New Scope
Episode IV: A New Scope
 
Open Source Malware Lab
Open Source Malware LabOpen Source Malware Lab
Open Source Malware Lab
 
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
The Security Industry is Suffering from Fragmentation, What Can Your Organiza...
 
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My!
 

Recently uploaded

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

The Business Benefits of Threat Intelligence Webinar

  • 1. 1© Cyber Squared Inc. 2014 THE BUSINESS BENEFITS OF THREAT INTELLIGENCE 3-12-2014
  • 2. 2© Cyber Squared Inc. 2014 WHO AM I? • CEO of Cyber Squared Inc., the company behind ThreatConnectTM. • Founding member of the company, started in 2011. • Experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security.
  • 3. 3© Cyber Squared Inc. 2014 AGENDA • Background • Defining ROI for Threat Intelligence • Making Assumptions Up Front • Modeling Your Expectations • Measuring the Reality • Taking Action
  • 4. 4© Cyber Squared Inc. 2014 WHAT MAKES GOOD THREAT INTELLIGENCE? Aggregate Analyze ActLifecycle • Accurate • Aligned with your requirements • Integrated • Predictive • Relevant • Tailored • Timely Source: Rick Holland (Principal Forrester Analyst) Blog Post Titled “Actionable Intelligence, Meet Terry Tate, Office Linebacker” Attributes to Measure Threat Intelligence:
  • 5. 5© Cyber Squared Inc. 2014 BUSINESS NEED ERP/Manufacturing 2015 1980’s Every other part of the business has evolved to necessitate a platform to increase productivity and measure effectiveness. It’s your turn! Enterprise Security Support/Helpdesk CRM/Sales Finance/HR Marketing
  • 6. 6© Cyber Squared Inc. 2014 CONNECTED COLLABORATION SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO Intelligence Sources Commercial Open Source Communities Sharing Internal Actionable Integrations SIEM IPS/IDS, Firewalls Gateways Endpoint, Response DLP, NAV
  • 7. 7© Cyber Squared Inc. 2014 TM FORUM CATALYST PHASE 2 • Going beyond: “This Threat Intelligence stuff is a great idea!”: • AT&T, Bell Canada, Birmingham City University, cVidya, ThreatConnect, Edge Technologies, EMC/RSA, MITRE, Orange, Security Fabric Alliance, Symantec, Telecom New Zealand, Telstra, and the UK MOD’s Defence Science and Technology Laboratory (DSTL). • TM Forum Sharing Threat Intelligence Catalyst Phase 2 • Phase 1: Sharing Threat Intelligence Architecture & Whitepaper • Phase 2: Defined Security Personnel Personas • Phase 2: Produced Threat Intelligence ROI Calculator • Phase 2: Demonstration showing successful implementation of Threat Intelligence sharing in support of a sophisticated Distributed Denial of Service (DDoS) use case.
  • 8. 8© Cyber Squared Inc. 2014 ROI OF THREAT INTELLIGENCE CostSecurity Investment Threat Intelligence Knowledge Assumptions Existing Automate Collaborate + =
  • 9. 9© Cyber Squared Inc. 2014 FIND MORE THREATS, FASTER 4x/Day 1x/Day 4x/Day 5x/Day 100x/Day Threat Discovery and Focused Pursuit Activities Time Comparison: with and without TI Spearphish Email Analysis and Conviction Malware Correlation with past targeting Analyze, Correlate, Database New Domains, IP Addresses, Registrant Info Track Malicious Domains, IP addresses, Registrant Info Analyst IR and Threat Correlation Tasks
  • 10. 10© Cyber Squared Inc. 2014 SECURITY PROCESSES • Calculator Example: 8 Step Incident Response Process: • Identify the Intrusion • Step 1: Create and task defensive signatures • Step 2: Maintain awareness of adversary changes to Threat Activity/Infrastructure • Scope the Intrusion • Step 3: Perform exploit/malware analysis • Step 4: Update signature base • Step 5: Link activity to any known groups of related activity • Mitigate/Step the Intrusion • Step 6: Take action to cut off intruder access to the network • Step 7: Monitor for changes in Threat Activity • Strategically React to Threats • Step 8: Generate reports on Threat trends for executives
  • 11. 11© Cyber Squared Inc. 2014 USER TYPES SOC Incident Response Threat Analysts IT/ Compliance Malware Analysts CISO/CIO
  • 12. 12© Cyber Squared Inc. 2014 THREAT INTELLIGENCE PERSONAS Name: Joe Role: Security Executive Motivation /Problem  My company is at risk and we need to be keeping up with threat trends  Other executives I know in my industry are being / have been targeted Identified Four Main Categories of Users: Threat Intelligence, Security Operations, Business Executives, and IT Leadership/Staff Name: Peter Role: IT Operations  I need to protect my assets  My company is at risk and we need to be keeping up with threats to my business operations Name: Jane Role: Threat Analyst  I need to make my threat analysis faster, easier, a nd more thorough without spending more money and time Name: Jack Role: Security Operations  My company and/or industry is likely being targeted  I need to protect corporate data but don’t have the resources internally or don’t know where to start
  • 13. 13© Cyber Squared Inc. 2014 ASSUMPTIONS • Process Assumptions: • Persona Costs – What is the hourly cost per Persona? • Steps – What are steps of the security process? • Personas Involved – Who are the actors of the process? • Knowledge Assumptions (Defined Per Process Step): • Existing – How likely is it that you will find knowledge in a finished state when you need it? • Automation – How much efficiency is gained via automation? • Collaboration – What is the efficiency gained by working with others? • Cost Assumptions: • Incidents per Year – How many events will you have that require process? • Average Cost of an Intrusion – What is the average cost of an intrusion?
  • 14. 14© Cyber Squared Inc. 2014 MODELING Hourly Cost per Persona Existing Automation Collaboration Make Assumptions Potential Cost of Compromise Model & Measure V1.0 contributed to TM Forum for incorporation to Fx13.5 release
  • 15. 15© Cyber Squared Inc. 2014 RESULTS (FROM SAMPLE) Measurement Topics Type Value Time Commitment to understand Threat to business operations Hours 200 Lower Costs to obtain a larger understanding of the threat $$ Savings $33,450 Obtain insights that would not be otherwise obvious (from existing knowledge) Insights 37% Increase Automation to increase efficiencies Efficiency 45% Increase insights due to collaboration Additional Insights 2% Total Efficiencies from applying CTI Total Efficiency/Insights 84% Number of Incidents per Year 5 Projected Annual Cost without CTI $199,000 Projected Annual Cost with CTI $31,750 Projected Annual Savings $167,250 Savings Percentage 84%
  • 16. 16© Cyber Squared Inc. 2014 Prioritize Plan TAKING ACTION Defend LearnUnderstand Threats to your Organization
  • 17. 17© Cyber Squared Inc. 2014 TAKE AWAY • You don’t have a choice • Cyber Threat Intelligence starts with understanding “Your Needs” • Sharing is a new paradigm in cyber security • This calculator helps you measure something that historically has not been measured • We would love to help you customize the calculator to quantify your own cyber threat sharing needs and efforts
  • 18. 18© Cyber Squared Inc. 2014 THANK YOU & QUESTIONS Download the Threat Intelligence Sharing ROI Calculator from: http://bit.ly/threatcalc Adam Vincent, CEO, avincent@cybersquared.com Visit www.ThreatConnect.com for more information.