Episode 24 of the podcast with threat researcher Jamie Kane covers common outcomes with cyber threat intelligence and some common pitfalls with implementation.
Outline:
- (00:50) Question 1: When talking with CISOs, what is the right narrative for clients in terms of investing in intelligence?
- (01:39) Question 2: What are some common risk-based outcomes you try and contextualize for CISOs? What actions can be taken from those?
- (06:05) Question 3: When you are talking to a CISO, and they have their budget front of mind, where do you tell them to spend in threat intelligence? What are intelligence delusions do you see in this space?
- (10:00) Question 4: When dealing with threat intelligence platforms, what are some considerations to keep in mind for implementation?
- (12:50) Question 5: What metrics have you driven in other security programs that show progress? For example, many SOCs use time to detect and time to respond as the metrics? Do you build off that with threat intelligence and/or go much further?