CEO Wrap-Up
During the first day of the 2021 ILTA LegalSEC Summit, Keynote speaker Kristy Westphal, a VP of Security Operations, took to the global, virtual stage.
With a packed agenda, she covered the broader “What is Threat Intelligence” topic, keying for how it can add value, what the future and current state of the threat landscape looks like, and what our ILTAns and their firms can do to leverage threat intelligence.
Let’s take a quick and very cursory dive into what she covered…
1. What is Threat Intelligence: “Cyber threat intelligence is what cyber threat information becomes once it has been collected, evaluated in the context of its source and reliability, and analyzed through rigorous and structured tradecraft techniques by those with substantive expertise and access to all-source information.”
But, she mentions, there’s more to it: a threat is someone who has capability, opportunity, and intent. You need all three, and we need to ensure that we do threat intelligence the right way by focusing on all three, or we are putting ourselves in harm's way.
2. What is MITRE? MITRE is a not-for-profit organization based in Bedford, Massachusetts (US) and McLean, Virginia (US). MITRE operates federally funded research and development centers (FFRDCs) to assist the United States government with scientific research, development, and systems engineering. It can also help you find the tools to handle and remediate cyber intel, threats, and vulnerabilities. There are many different ways to incorporate planning for threat intelligence into your organization; check out slide 9 (available for attendees in the resource library) to see how it feeds into an entire cycle.
3. The State of Threat Landscape: Check out and keep checking back with the DBIR (Verizon Data Breach Investigation Report). The DBIR has been the de facto source of 'what’s going on out there' for many years now, and each firm should continue to use its valuable resources to help with cybersecurity pursuits.
4. And lastly: What can YOU do?
- To begin, read and engage with the news.
- When someone says, “Our threat intelligence says...,” start asking questions
- Trust but verify before taking action
- Feed the IT folks, I mean, find the folks that understand the real scoop on TI and make friends, both within and without of your organization. Lean on them when you need to know something; this goes for vendors as well.
A huge thank you to Keynote speaker Kristy Westphal, a VP of Security Operations for these tips and tricks, but moreover, for being an advocate for change in Legal!
A big thank you to iManage for sponsoring this keynote presentation!