Professional Documents
Culture Documents
Key Functionalities of A Modern Cyber Threat Intelligence Program - Jerry Caponera
Key Functionalities of A Modern Cyber Threat Intelligence Program - Jerry Caponera
Key Functionalities of A Modern Cyber Threat Intelligence Program - Jerry Caponera
of a Modern Cyber
Threat
Intelligence
Program
ThreatConnect.com
Copyright © 2021 ThreatConnect, Inc.
Speaker
Gerald Caponera
VP Cyber Risk Strategy
37.8% | Unknown
No
58.0% | No
Only 4% of respondents said yes.
ode
aM
h to
Pat
FOUNDATIONAL
Threat Risk
No business involvement
Figure 6. CTI Team Composition
ThreatConnect.com Copyright © 2021 ThreatConnect, Inc.
12
And it shows in the measurement of the
“usefulness of CTI”
Increased level of High (10/10) - on Being Cash $10,000,000 ● Buy new tool
Not all risks and threats will spear phishing all key systems Researched (business ● Update network
attacks email security
be mitigated - some will be compromise) ● Outsource email
accepted. hosting
New Vulnerability Low (1/10) - only in UNC2452 / Revenue for $5,000,000 ● Remediate
identified trial environment Dark Halo critical Software
(Solarwinds) only systems ● Replace vendor
● Accept
Financial risk
Everyone knows security is overloaded work wise Patch
top CVE
– not everyone understands what that means
RQ
STRATEGY
TIP SOAR
OPERATIONS
● Automate proactive/
● Adversaries reactive processes
● Attack Types ● Orchestrate
Vulnerability response
● Tactics/Exploits
● Mitigate Attack Types
ThreatConnect.com
18
Details embedded
to empower decisions
ThreatConnect.com
19
With financial risk prioritization
and reporting
ThreatConnect.com
20
Thank You!
ThreatConnect.com