We are a small team who implemented threat intelligence into our daily cyber security operations. The objective for this presentation is to reinforce the idea that threat intelligence is the final enabler in any cyber security program, not just those with fully staffed Threat Intel Operators. From tactical indicator collection, processing, and implementation to operational resource prioritization and vendor selection, to strategic decisions on Company’s longer-term goals – all of the above benefit from additional information on threats, threat capabilities, interests, and trending actions. This presentation will give examples in how our organization implemented the threat intelligence program and how it enabled our operations to “clean” and maintain the hygiene in our environment. Further, we’ll discuss best-practices on how to garner support from the Board of Directors and the Enterprise Leadership Team to sponsor threat intelligence resources when needed. Attendees should walk away with ideas on how one could benefit from the threat intelligence- centric approach and how to communicate those benefits to the broader IT or business organizations.
