Building a Threat Intelligence Program

Overview

Explore threat intelligence program development, addressing misconceptions, leveraging open-source tools, and enhancing operations while navigating challenges in cybersecurity.

Syllabus

• Introduction to Threat Intelligence
Defining Threat Intelligence
The Importance of Threat Intelligence in Cybersecurity
Common Misconceptions
• Building the Foundation of a Threat Intelligence Program
Identifying Program Objectives
Understanding Stakeholder Needs
Developing Key Performance Indicators (KPIs)
• Threat Intelligence Data Sources
Leveraging Open-Source Intelligence (OSINT)
Utilizing Commercial Threat Intelligence Feeds
Collaborating with Industry Partners and ISACs
• Tools and Technologies
Overview of Threat Intelligence Platforms (TIPs)
Implementing Open-Source Tools
Integration with Security Information and Event Management (SIEM) Systems
• Analyzing and Evaluating Threat Data
Threat Research and Data Collection Techniques
Data Normalization and Contextualization
Developing Threat Models and Personas
• Operationalizing Threat Intelligence
Incident Response and Threat Intelligence
Threat Intelligence Sharing and Collaboration
Enhancing Security Operations with Threat Intelligence
• Navigating Challenges in Threat Intelligence
Addressing Data Privacy and Legal Concerns
Overcoming Alert Fatigue and Information Overload
Continuous Evaluation and Program Improvement
• Case Studies and Real-World Applications
Analyzing Successful Threat Intelligence Programs
Lessons Learned from Notable Cybersecurity Incidents
• Conclusion and Next Steps
Building a Roadmap for Threat Intelligence Maturity
Future Trends in Threat Intelligence
Continuing Education and Professional Development Resources

Subjects

Conference Talks