The Cyber5 Podcast

How Much Intelligence a CISO Needs with Threat Researcher Jamie Kane

Episode 24 of the podcast with threat researcher Jamie Kane covers common outcomes with cyber threat intelligence and some common pitfalls with implementation.

Outline:

  • (00:50) Question 1: When talking with CISOs, what is the right narrative for clients in terms of investing in intelligence?
  • (01:39) Question 2: What are some common risk-based outcomes you try and contextualize for CISOs? What actions can be taken from those?
  • (06:05) Question 3: When you are talking to a CISO, and they have their budget front of mind, where do you tell them to spend in threat intelligence? What are intelligence delusions do you see in this space?
  • (10:00) Question 4: When dealing with threat intelligence platforms, what are some considerations to keep in mind for implementation?
  • (12:50) Question 5: What metrics have you driven in other security programs that show progress? For example, many SOCs use time to detect and time to respond as the metrics? Do you build off that with threat intelligence and/or go much further?

Episode 24 | September 17, 2020

Adversary Research
Discovering the methods, motives and identity of threat actors to disrupt attacks 
Reputation Defense
Technical guidance for countering disinformation and slanderous attacks 
Trust & Safety
Intelligence to secure business operations and defend against fraud, abuse and e-crime 
TPRM Exposure
Adversary-centric intelligence to address supplier, M&A and investment risks 
Outside Intel
Research for defending outside the firewall that leverages tier 3 intelligence programs 
Executive Shield
Assessment of threats to key personnel with attribution and PII takedown  
Adversary Insights Retainer℠
Annual retainers for client-driven inquiries and rapid-response research 
Intelligence Team as a Service
Collaborative engagement providing robust intelligence and tier 3 cyber analysts  
Event-Driven Intel Investigations
Multidimensional security fact-finding that delivers insights into adversary behavior 
On Demand Threat Research
Proactive and preventative investigations that reveal threat actor context and risk correlations 
Investment Zero Touch Diligence℠
Project-based discovery to assess risk for investments, IPO, Mergers and Acquisitions 
TPRM Zero Touch Diligence℠
Subscription assessment of external network hygiene, key personnel, and non-traditional business risks