Stop Tilting at Windmills: 3 Key Lessons that CTI Teams Should Learn from the Past - SANS CTI Summit
Вставка
- Опубліковано 16 чер 2020
- Since the publication of Mandiant's APT1 report in 2013, cyber threat intelligence (CTI) has been widely adopted by private organizations all over the world. There have been both successes and failures in trying to develop cyber threat capabilities and add value to businesses. As a community, it is critical to capture the relevant lessons learned from these experiences and conduct a status check on these first years of applied CTI.
This presentation aims to identify areas where organizations should put more focus in order to stop tilting at windmills. We will deep dive into three major areas where most current CTI teams struggle: (1) intelligence direction (specifically, stakeholder identification and collection of intelligence requirements); (2) intelligence reporting and dissemination; and (3) the skills sets of CTI analysts.
Takeaways for attendees will include recognizing the significance of requirements for the intelligence cycle; identifying key stakeholders; understanding how classic intelligence approaches can be applied to CTI production/reporting; learning from success stories on disseminating intelligence products and capturing feedback; understanding the variety of competencies of CTI teams; and improving ways to work within CTI teams comprised of analysts with different backgrounds and experience levels.
Andreas Sfakianakis, @asfakian, Cyber Threat Intelligence Analyst - Наука та технологія
Excellent presentation. Thanks Andreas & SANS