- Josh Lefkowitz, CEO, Flashpoint
- Tom Knickerbocker, Global Head Cyber Intelligence, Financial Services
- Chris Camacho, Cofounder & Chief Executive Officer, NinjaJobs
- Anthony Vitello, Senior Vice President Global Information Security, Citigroup
- John LaCour, CEO PhishLabs, Cyber Security
- Jeff Combs, Recruitment Leader, Cyber Security
- Andrew Richardson, Associate Director, EY
- 8 Senior Executives in the financial services, computer network and security, and telecommunications industry
- Organizations have limited visibility into their threat landscape, and as such are vulnerable to the latest attacks, hindering business practices, workflow, revenue generation, and damaging their public image.
- Organizations are developing ad hoc intelligence capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of their security technology investments.
- It is difficult to communicate the value of a threat intelligence solution when trying to secure organizational buy-in and the appropriate resourcing.
- There is a vast array of “intelligence” in varying formats, often resulting in information overload.
- Information alone is not actionable. A successful threat intelligence program contextualizes threat data, aligns intelligence with business objectives, and then builds processes to satisfy those objectives.
- Your security controls are diminishing in value (if they haven’t already). As technology in the industry evolves, threat actors will inevitably adopt new tools, tactics, and procedures; a threat intelligence program can provide relevant situational awareness to stay on top of the rapidly-evolving threat landscape.
- Your organization might not be the final target, but it could be a primary path for attackers. If you exist as a third-party partner to another organization, your responsibility in your technology ecosystem extends beyond your own product/service offerings. Threat intelligence provides visibility into the latest threats, which can help you avoid becoming a backdoor in the next big data breach.
Impact and Result
- Assess the needs and intelligence requirements of key stakeholders.
- Garner organizational buy-in from senior management.
- Identify organizational intelligence gaps and structure your efforts accordingly.
- Understand the different collection solutions to identify which best supports your needs.
- Optimize the analysis process by leveraging automation and industry best practices.
- Establish a comprehensive threat knowledge portal.
- Define critical threat escalation protocol.
- Produce and share actionable intelligence with your constituency.
- Create a deployment strategy to roll out the threat intelligence program.
- Integrate threat intelligence within your security operations.
This guided implementation is an eight call advisory process.
Guided Implementation #1 - Plan for a threat intelligence program
Call #1 - Project kick-off call
Call #2 - Plan your ideal target state
Guided Implementation #2 - Design an intelligence collection strategy
Call #1 - Conduct organizational intelligence needs assessment
Call #2 - Map internal/external data sourcing to intelligence needs
Guided Implementation #3 - Optimize the intelligence analysis process
Call #1 - Optimize your analysis process
Call #2 - Develop an intelligence action plan
Guided Implementation #4 - Design a collaboration and feedback program