Back
#128
July 3, 2023

EP128 Building Enterprise Threat Intelligence: The Who, What, Where, and Why

Guest:

27:27

Subscribe at Google Podcasts.

Subscribe at Spotify.

Subscribe at Apple Podcasts.

Topics covered:

  • You have created a new intelligence class focused on building enterprise threat intelligence capability, so what is the profile of an organization and profile for a person that benefits the most from the class?
  • There are many places to learn threat intel (TI), what is special about your new class? 
  • You talk about country cyber operations in the class, so what is the defender - relevant difference between, say, DPRK and Iran cyber doctrines? More generally, how do defenders benefit from such per country intel?
  • Can you really predict what the state-affiliated attackers would do to your organization based on the country doctrine?
  • In many minds, TI is connected to attribution. What is your best advice on attribution to CISOs of well-resourced organizations? What about mainstream organizations?
  • Overall we see a lot of organizations still failing to operationalize TI, especially strategic TI, how does this help them?

Do you have something cool to share? Some questions? Let us know:

View more episodes