Episode 29 of the podcast covers the strategy of building a cyber threat intelligence program in the finance industry with American Century Investments CISO Aaron Weissenfluh.
- Question 1: (03:05) What are the business impacts that make a difference to the C-Suite and BoD regarding a Threat Intelligence Program? What considerations should a financial services company consider before spending on a threat intelligence program?
- Question 2: (04:00) What aspects of security programs need to be in place to make a threat intelligence program actionable?
- Question 3: (06:26) How did you go about building out a threat intelligence program in the past?
- Question 4: (13:17) What threats exist outside of traditional cyber crime against the network? Physical security? M&A? Fraud? How can cyber-related data assist in those types of investigations? What are some examples where timely, actionable intelligence resulted in more informed business decisions?
- Question 5: (19:34) Are their instances or examples that make your team go outside the firewall and attribute a threat? Or do you put more emphasis on blocking the threat and getting back to business as usual?