- CISO Series Newsletter
- Posts
- 8-15-19 - Threat Intel 101: What Do I Have and Who Wants It?
8-15-19 - Threat Intel 101: What Do I Have and Who Wants It?
Threat Intel 101: What Do I Have and Who Wants It?
This week's episode of Defense in Depth
Proactive Security
On this episode of Defense in Depth:
Co-host Allan Alford and our sponsored guest A.J. Nash, director of cyber intelligence strategy for Anomali, discuss:
You can't start a threat intelligence effort until you understand your internal threat landscape and business mission.
Sadly, very few organizations have a good answer to "What and where are your crown jewels/high valued assets?" But if you can answer that question, your threat intelligence will be far more effective.
It's possible to understand internal and external landscape in parallel. But you won't get great value of your intelligence until you understand your environment.
How do we judge the value of intelligence? It's all about dealing with costs before the "boom" vs. afterwards. Because afterwards it's far more expensive.
The reason to invest in threat intelligence is because once you know your assets, and you know what your adversaries are after, you can adjust your defenses accordingly.
If your goal is to harden everything, you're going to be very busy. It's not economically and physically possible.
Make sure you're manning the threat intelligence and incident response teams properly. This is a common misstep that many shops make.
If you don't have intelligence you're doing reactive security, which nobody wants, yet that's what many often end up doing.
Special thanks to this week's Defense in Depth podcast sponsor, Anomali.
harnesses threat data, information, and intelligence to drive effective cyber security decisions.
CISO/Security Vendor Relationship Podcast returns to NYC (9/5/19)
The CISO Series returns to New York for a live in-person recording of the CISO/Security Vendor Relationship Podcast. This time we'll be in Times Square at a WeWork location. My co-host for this special event will be JJ Agha, head of InfoSec for WeWork, and our guest will be Matt Southworth, CISO of Priceline. This event, like the one we did in February, will be co-produced with the NY Information Security Meetup group. Please register through the Meetup link.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.