|Tuesday, December 5, 2023
|Threat intelligence: Using what’s right in front of you
When people think of threat intelligence, the focus is often about being able to afford the latest and greatest tools on the market. But there are plenty of free sources of threat intelligence if you know where to look. In this interview with CRA’s Bill Brenner, Reddit Head of Software Security Matt Johansen discusses some of the readily available sources he turns to on a daily basis.
|Matt Johansen - Reddit
|The Anatomy of a Cyberattack
Even the phrase sounds fearsome — cyberattack. And well, it should. They’re basically silent, deadly, pernicious attacks during which cybercriminals may steal, damage, or encrypt your data, so it becomes useless to you. In this last case, you may receive a demand that you pay a large ransom to get them to decrypt your data so you can use it again. Ransomware is among the most prevalent cyberattacks, but there are many others.
|Zac Warren - EMEA
|Practical Threat Intelligence Use-Cases for Your Security Operations
"Threat Intelligence" can be a source of a tactical advantage for security teams, or it can become a distraction. The key is knowing what kind of data you're working with, and how best to utilize it. In this talk we will focus on methods, techniques, and operational processes that can take advantage of threat data, or threat intelligence, to help your security operations team defend more effectively, and at greater scale. The focus will be on practical applications of threat data and intelligence - from threat-hunting, to rapidly operationalizing block lists, and other potential applications for security teams.
|Rafal Los - ExtraHop
Johnathon Brandis - ExtraHop
|Top Five Risks of Not Investing in EM
Cyberattacks increased by 38% last year, with the average cost of a single attack reaching $4.35 million. A key reason for attacker success? Organizations are struggling with publicly-exposed and unmanaged internet assets, thanks to the continued rise of remote workforces, multi-cloud adoption, and the proliferation of IoT devices. Teams can’t protect what they can’t see – and attackers are taking advantage. To minimize the risk of cyber attacks, security leaders need Exposure Management. Exposure Management is a proactive approach to cybersecurity that involves continually evaluating your digital assets' visibility, accessibility, and vulnerabilities. CISOs, cybersecurity analysts, and federal governments recognize the significance of Exposure Management, with 92% of security leaders considering or implementing a solution in the next 12 months. Join "The Top 5 Risks of Not Investing in Exposure Management,” webinar to learn more about exposure management and why it should be on every security leader’s radar.
|Celestine Jahren - Censys
|Wednesday, December 6, 2023
|The future of threat intelligence and how to prepare
The threat intelligence space is evolving rapidly, and organizations are clamoring for the latest tools and techniques. But incorporating these into the daily workings of a business are not without challenges. Joining CRA’s Bill Brenner to discuss those challenges, how today’s developments will affect the future of threat intelligence and how to prepare is Mark Weatherford, SVP and Chief Security Officer at AlertEnterprise and Chief Strategy Officer and a Director on the board at the National Cybersecurity Center.
|Mark Weatherford - National Cybersecurity Center
|Operationalizing threat intelligence in the SOC: Challenges and solutions
Organizations are vigorously pursuing new threat intelligence tools and techniques. But security professionals have found that threat intelligence is much more difficult to operationalize in their SOCs than initially anticipated. Joining CRA’s Bill Brenner to unpack the challenges and potential solutions is Michael Farnum, an Advisory CISO and 30-year veteran of the IT and information security fields.
|How to Use Data Threat Analytics to Fight Ransomware
In 2022, a typical organization secured 227 BETB of data with averages of 155 BETB on-premises, 63 BETB for cloud, and 10 TB for SaaS.1
Given this data volume, how can you identify risks to all of it?
Join this webinar to learn how to:
|Vir Choksi - Rubrik
|Driving Intelligence with MITRE ATT&CK: Leveraging Limited Resources to Build an Evolving Threat Repository
Building a threat intelligence repository is challenging, even under the most ideal circumstances. But what if you are even more limited in your resources? You are part of a small (but skilled) team, with high expectations, and people are relying on you to make business-critical decisions…all the time! What do you do in that situation? Turn a Toyota Tercel into a tank, of course.
The Interpres Security Threat Intelligence team found itself in that exact situation. Wanting to leverage the MITRE ATT&CK catalog in creating a comprehensive and timely threat intelligence repository, the Interpres team built a series of tools, processes, and paradigms that we call Intelligence Engineering. In this talk, we’ll examine how we combined ATT&CK, STIX2, the Vertex Project’s open-source intelligence platform, Synapse, and custom code to deliver meaningful, rapid, verifiable intelligence to our customers. We’ll share lessons learned on automation, how to run multiple ATT&CK libraries side-by-side and making programmatic intelligence delivery scalable and effective – just like building a tank out of an imported sedan.
|Scott J Roberts - Interpres Security
|Threat intelligence: Breaking down myths around intel sharing
Security experts have long stressed the importance of organizations in the public and private sectors sharing critical intelligence to help repel attacks, but many organizations remain reluctant to do so because of myths that have developed over the years. As co-chair of the cybersecurity and data privacy practice group at Husch Blackwell and a former attorney at NSA, Erik Dullea has a unique perspective on the myths and benefits. In this session he will talk to CRA’s Bill Brenner about the myths regarding the risks companies face when joining an info/intel sharing organization, the benefits of sharing information and safe harbor provisions that can help organizations manage the risks.
|Erik Dullea - Husch Blackwell LLP