
Cyber Threat Intelligence – how does it actually work?

Chris O'Brien

Cyber Threat Intelligence (CTI) has become somewhat of a buzzword in recent years. The promises are huge: preventing cyber attacks in real time through blocklist sharing; secure collaboration across sectors; mass automation through machine learning. Those of us who study it have a good understanding of how it should be implemented and the concept of a ‘best practice’ – so why is it that structured intelligence languages such as STIX are not more common? This talk will discuss the theory behind structured intelligence, how it works in practice, and the main pitfalls. It takes an in-depth look at the Analyst approach and the supporting technologies that are required to make scalable CTI a reality, including specific examples of where CTI has been used effectively to prevent national-level cyber security incidents, and the working practices of a global Intelligence team working at the cutting edge of CTI development.

Speaker bio

A fully qualified SANS Cyber Guardian, STIX geek and all-around nerd, Chris has led teams across both Public and Private Sector Cyber Security and Intelligence arenas. Chris started out as an Intrusion Analyst in UK Intelligence, tracking and responding to incidents, and was one of the first technical analysts to help establish NCSC UK. Before joining EclecticIQ, Chris held a post as Deputy Technical Director in the NCSC, specialising in technical knowledge management to support rapid response to cyber incidents, and is now Director Intelligence Operations at EclecticIQ, leading a multi-national structured intelligence Analyst team.

 

 
