Earlier this month, CTA was all-hands on deck for the virtual Virus Bulletin conference, aka. ‘vblocalhost,’ where we coordinated and sponsored the Threat Intelligence Practitioners’ Summit (TIPS). TIPS spanned a range of perspectives from different corners of the world and highlighted distinct approaches to threat intelligence.
If you missed the event or haven’t yet had a chance to check it out, don’t worry! TIPS is still available free and on-demand at this link.
We were delighted to welcome Sophos CTO Joe Levy to kick off the summit. Joe gave a fascinating keynote on the challenges of threat intelligence sharing framed using game theory, an approach that models strategic interactions between rational decision-makers.
“The dynamics of threat sharing have much in common with core ideas in game theoretic analysis of cooperation under competition. We can change these dynamics by understanding sharing as a game and finding leverage points that lead to more and better sharing.” — Joe Levy, Sophos
Our concluding keynote from Noortje Henrichs of the Dutch National Cyber Security Center (NCSC) offered a great window onto the work of governments in the threat intelligence space. She described not only the obstacles that NCSC faces in operationalizing and distributing actionable threat intelligence with limited resources and to diverse recipients, but also how NCSC has worked to overcome those obstacles.
“CERTs need to be able to provide threat intelligence across all levels – technical, tactical, operational, strategic – so we have people with different kinds of expertise who work together to meet this need.” — Noortje Henrichs, Dutch NCSC
Also on the menu at the TIPS track?
- Palo Alto Networks’ Pete Renals on scalable attribution for business email compromise
- Andrea Limbago from Interos on security and threat intelligence sharing for global supply chains
- A conversation on diversity, collaboration, and how not to be “comfortably numb” to cyber threats
- Abdelkader Cornelius from RecordedFuture on cybercrime in the German-speaking countries of Europe
- A panel on “flattening the curve” of cyber risk through threat intelligence sharing
- Imelda Flores and Fernando Acosta from Scitum on the evolution of ransomware in Latin America
Of course, virtual conferences abound in 2020. Staying focused on our field and driving turnout through social media, our website, and a virtual CTA booth allowed us to get the message out about threat intelligence (and sharing) to a larger crowd than we would have reached in-person.
We are extremely grateful to both our individual speakers and panel discussion participants for all of the time and energy that they put into the event. Similarly, we are grateful to the organizers, Virus Bulletin, for their hard work and perseverance through the uncertainty of these past few months.
Author: Jeannette Jarvis
The latest from the cyber threat alliance
On behalf of the Cyber Threat Alliance and the Cybersecurity Coalition, we would like to cordially invite you to attend our fifth annual cyber policy event, CyberNextDC. CyberNextDC is one of DC’s leading cybersecurity policy events of the year. This year’s event will be held in–person with an option to view via Zoom. CyberNextDC 2022 […]
Systemic Cybersecurity Risk and role of the Global Community: Managing the Unmanageable
Cyberattacks are frequently becoming ‘cyber events’ with systemic impact. How can governments and businesses respond?
Preparing for New Incident Reporting Requirements
Mandatory cyber incident reporting is being extended to many more organizations. Those already subject to these regulations face new, more stringent, requirements. Engaging proactively with government agencies and your own incident response and legal partners will make mandatory incident reporting as frictionless as [...]