How to Get Promoted: Developing Metrics to Show How Threat Intel Works - SANS CTI Summit 2019

Many organizations have operationalized threat intelligence as part of a well-rounded security program, but we often struggle to show the return on investment. This talk will focus on developing measures of effectiveness whether your program is just getting started or is pretty well established, independent of what tools or vendors you use. Based on multiple surveys of threat intelligence practitioners, directors, and cybersecurity decision-makers, the presentation will show where the disconnects are between those roles and how to focus on those metrics that are most useful when explaining the value of threat intelligence to decision-makers in your organization. Marika Chauvin, Senior Threat Intelligence Researcher, ThreatConnect Toni Gidwani (@t_gidwani), Director of Research, ThreatConnect

Join Today
Insights from NSA’s Cybersecurity Threat Operations Center
▶︎

Insights from NSA’s Cybersecurity Threat Operations Center

ATT&CK™ Your CTI w/ Lessons Learned from 4 Years in the Trenches - SANS CTI Summit 2019
▶︎

ATT&CK™ Your CTI w/ Lessons Learned from 4 Years in the Trenches - SANS CTI Summit 2019

A Practical Case of Threat Intelligence – From IoC to Unraveling an Attacker Infrastructure
▶︎

A Practical Case of Threat Intelligence – From IoC to Unraveling an Attacker Infrastructure

The Threat Intelligence EASY Button with Chris Cochran - SANS CTI Summit
▶︎

The Threat Intelligence EASY Button with Chris Cochran - SANS CTI Summit

1. Introduction, Threat Models
▶︎

1. Introduction, Threat Models

Threat Intelligence At Microsoft: A Look Inside - Cyber Threat Intelligence Summit 2017
▶︎

Threat Intelligence At Microsoft: A Look Inside - Cyber Threat Intelligence Summit 2017

How to Present Cyber Security Risk to Senior Leadership | SANS Webcast
▶︎

How to Present Cyber Security Risk to Senior Leadership | SANS Webcast

THESE Apps Are SPYING on You — Shut Them Off NOW!
▶︎

THESE Apps Are SPYING on You — Shut Them Off NOW!

The World's Most Important Machine
▶︎

The World's Most Important Machine

The Cycle of Cyber Threat Intelligence
▶︎

The Cycle of Cyber Threat Intelligence

How to Rob A Bank | Mr. Robot
▶︎

How to Rob A Bank | Mr. Robot

What Does an LLM-Powered Threat Intelligence Program Look Like?
▶︎

What Does an LLM-Powered Threat Intelligence Program Look Like?

But what is quantum computing? (Grover's Algorithm)
▶︎

But what is quantum computing? (Grover's Algorithm)

Zero-Click Attacks: AI Agents and the Next Cybersecurity Challenge
▶︎

Zero-Click Attacks: AI Agents and the Next Cybersecurity Challenge

Keynote: Cobalt Strike Threat Hunting | Chad Tilbury
▶︎

Keynote: Cobalt Strike Threat Hunting | Chad Tilbury

You MUST understand Cyber Threat Intelligence to Blue Team w/Samuel Kimmons
▶︎

You MUST understand Cyber Threat Intelligence to Blue Team w/Samuel Kimmons

Most Leaders Don't Even Know the Game They're In | Simon Sinek
▶︎

Most Leaders Don't Even Know the Game They're In | Simon Sinek

How ASML Makes Chips Faster With Its New $400 Million High NA Machine
▶︎

How ASML Makes Chips Faster With Its New $400 Million High NA Machine

Schroedinger’s Backslash: Tracking the Chinese APT Goblin Panda with RTF Metadata - SANS CTI Summit
▶︎

Schroedinger’s Backslash: Tracking the Chinese APT Goblin Panda with RTF Metadata - SANS CTI Summit

The Most Mysterious File On The Internet
▶︎

The Most Mysterious File On The Internet