Speaking at the Threat Intelligence Summit 2015

MISTI’s Threat Intelligence Summit 2015 is coming to Orlando September 29-30, and I’ll be speaking there on:

___

Separating Threat Intelligence from FUD: An Enterprise Approach

A breach here, an NSA expose there – cybersecurity’s constantly in the news. Fear, uncertainty and doubt (FUD) fills the air. Exotic new threat intelligence services, security analytics solutions and even self-proclaimed “APT prevention” products swarm in the market. Security pros may find funding easier to get in this climate, but they must make sure to bring back some lasting value. Threat intelligence IS important, but in the Internet’s murky attribution environment it’s hard to make it actionable. Still, effective threat assessment can be accomplished even in large, complex enterprise environments. In this presentation, Security Architect’s Managing Partner Dan Blum will cover:

• When to focus on threats, and when to focus on vulnerabilities
• Threat modeling and attack graph analysis by type of threats
• How to incorporate threat intelligence into security monitoring and incident response processes
• Making threat intelligence actionable for IT security, physical security, application security and other enterprise lines of business

___

Those of you who’ve read “How Mature are your Enterprise Security Data Sharing Practices?” and similar posts know of our interest in threat intelligence and security data sharing. I’m enjoying putting together the slides for the Threat Intelligence Summit this week and expect to have more on threat intelligence to share with readers soon!