Name: The Threat Intelligence Playbook: Keys to Building Your Own Threat Intelligence
Start: 2018-11-07T18:00:00Z
End: 2018-11-07T18:00:59.000Z
Location: BrightTALK
Rating: 4.5

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Privacy & Security: Different But Equal and Why They Need to Work Together

In recent years privacy regulation has taken over the globe. Many companies have made changes to their websites and applications in order to comply with these laws, while at the same time neglecting the changing technical infrastructure upon which those systems are built.  In this session Cory will review the slate of changes imposed by browsers and operating systems in recent years which continue to impact existing architectures, and how those changes impact existing business processes.

Privacy is About More Than Just Regulation

Join us for an enlightening webinar as we explore the intricacies of embracing the Zero Trust Model, from theory to practice. Whether you're a novice or seasoned professional, this session will equip you with expert insights and actionable strategies for implementing Zero Trust principles effectively. Dive deep into understanding the Zero Trust Model and discover how it can revolutionize your cybersecurity approach. 
Join the session to learn how to:
• Understand the foundational principles of the Zero Trust Model and dispel common misconceptions.
• Learn strategic approaches to purchasing technology that align with Zero Trust objectives.
• Discover essential steps for crafting and implementing a robust Zero Trust plan.
• Gain insights into achieving major milestones early in your Zero Trust journey.

Unlocking Zero Trust: A Blueprint for Secure Operations

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Power utilities use a variety of Industrial Control Systems (ICS) to manage their operations which are structured into six independent but interconnected zones: Power Generation, High Voltage (HV) Transmission System Operation (TSO), Medium Voltage (MV) Distribution System operation (DSO), MV Distributed Generation, Low Voltage (LV) power delivery and LV Distributed Generation. Each of these zones includes electrical and mechanical assets, process controllers and communications, which perform local control within their zone and communicate with other zones. The power grid structure described here is in line with the deployment of the Smart Grid architecture, which also includes MV and LV distributed generation, and Industrial Internet of Things (IIoT).

Cyber-Secured Power Utility Operation

Sign up for this talk and ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

This session provides a strategic framework for navigating the complex and chaotic landscape of cybersecurity risks, emphasizing the need for resilience in the face of rising cyber threats. 

The presentation outlines key survival strategies, including developing "meta" systems, cultivating domain awareness, promoting risk awareness, and investing in contingencies and controls. It highlights the importance of establishing Risk Level Agreements™ and integrating business operations with security operations. 

The discussion covers essential topics such as governance, vulnerability management, and the concept of "Cyber Entropy™," focusing on how increasing complexity, dependencies, and external threats challenge cybersecurity efforts. The overall message encourages organizations to embrace risk, acknowledge conflict, and strategically plan for resilience through governance, risk management, and continuous system improvement.

Surviving the Sands of Cyber Entropy, Conflict, Risk and Resiliency

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

The CREF Navigator™ was developed as a web based relational tool distilling the complex concepts and relationships from NIST SP 800-160 Volume 2 (Rev 1) into useful cyber resiliency terms, tables, and relationship visualizations enabling architectural and engineering analysis. The tool contains a hover-over, clickable dictionary of cyber resiliency terms; customizable visualization of complex relationships to other frameworks; the ability to balance and prioritize cyber resiliency choices based on nodal analysis; and export and import capabilities from ATT&CK® Navigator for presentation and analysis. The tool also provides an excellent crash course reference and training tool for those uninitiated to cyber resiliency concepts that is available to the masses via the internet for free.

Demonstration of MITRE’s CREF

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Beyond the Basics: What Firefighting Can Teach Us About Cyber Resilience – Unveiling the IDRRA Framework for Dynamic Defense

What it means to be truly resilient—because in the world of cyber, as in firefighting, preparedness & adaptability are everything. When we think of cyber resilience, we often default to the basics: protect, detect, and respond. But true resilience goes beyond these elements. Just as firefighters don't just react to a fire but prepare, anticipate, and adapt their tactics based on an evolving understanding of the situation, organizations must rethink how they approach cyber resilience.

In this session, I will introduce the IDRRA Framework (Investigate, Declare, Respond, Recover, Adapt), a proprietary approach that borrows from the disciplined, dynamic, and proactive strategies of firefighting to better prepare for and respond to cyber threats. This framework challenges the conventional wisdom of cyber security, moving beyond static defense and response to embrace a more agile, adaptive, and holistic approach to cyber resilience.

Just as firefighting is a mix of preparation, swift response, and continuous adaptation, true cyber resilience requires a blend of technical excellence, operational agility, and cultural commitment. It’s time we stop seeing cyber resilience as a checkbox activity and start treating it as an ongoing operation—dynamic, complex, and ever-evolving.

Join me for this thought-provoking session where we will delve into the IDRRA framework, drawing parallels with firefighting to uncover the unspoken elements of CR that many organizations overlook. Let's explore how adopting this framework can transform your approach to security, turning your organization from a passive defender into a proactive, adaptive force in the face of cyber threats.

What Firefighting Can Teach Us About Cyber Resilience – Unveiling the IDRRA Framework for Dynamic Defense

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Resilience is the ability to remain viable amidst adversity and to be better for it. The world has come to realize incidents will happen. The key is to detect faster and to recover quicker. Malicious actors understand our technical defenses are strong, so they exploit the softer dimensions of people, process, and organization.

In this session, we will level-set the guiding principles of resilience while walking through national and international efforts, including legislation, regulations, and standards. After laying the foundation, the session will map out the core steps to achieve resilience while providing lessons learned and street knowledge so you can make informed decisions.

The President’s Council of Advisors on Science and Technology (PCAST) produced “Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World.”

The EU enacted the Network and Information Security Directive (NIS2) to raise the level of resilience across the EU. The EU also passed the Digital Operational Resilience Act (DORA) to further bolster the financial services sector. Other nations like Canada have similar efforts.

The session will suggest tools and techniques to facilitate your journey along with metrics, statistics, and case studies to make informed decisions.

Featuring:
• Alex Sharpe: CEO, Sharpe llc
• Adam Isles: Principal, Chertoff Group
• Mark Orsi: CEO, GRF
• Gentry Lane: CEO, CTO & Founder, Nemesis Global
• Dr. Georgianna "George" Shea: CTO FDD and PCAST Member

Panel Discussion: The Report to the President on Resilience

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

This presentation dives into real-world experiences in responding to cybersecurity crises on a global scale and the critical steps for recovery. Drawing from over two decades in the field, Ashley Fairman will share key lessons learned from handling high-pressure cyber incidents across industries from DoD to Big Tech. 

From initial response to full recovery, this session will guide businesses through the process of managing cyber crises and rebuilding with resilience. Key topics will include incident management frameworks, stakeholder communication, regulatory considerations, and long-term recovery planning.

Cyber Crisis Response and Recovery: Lessons from the Field

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

The talk will address the diverse challenges encountered when implementing a comprehensive cyber resilience strategy at scale. These include aligning organizations at different levels of cybersecurity maturity, managing legacy systems, and addressing specific OT-related risks.

Real-World Insights into the Implementation of a Cyber Resilience Program for Industrial Organizations

In this webinar we will present key insights from the latest survey conducted by the Information Systems Security Association (ISSA), highlighting the current state of cyber resilience across various industries. 

This session will explore critical findings, including the effectiveness of cyber defense strategies, emerging challenges, and best practices for enhancing organizational resilience in the face of evolving threats. Attendees will gain a comprehensive understanding of how organizations are adapting to the complex cyber landscape, as well as a valuable benchmark for improving their cyber resilience posture.

ISSA Cyber Resilience Survey Results - 2024

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Traditional Indicators of Compromise (IoCs) fall short in detecting advanced persistent threats, which are becoming increasingly sophisticated and evasive. The Indicators of Behavior (IoB) Subproject under the Open Cybersecurity Alliance (OCA) aims to overcome these limitations by shifting the focus from static artifacts like virus signatures to dynamic patterns of adversarial behaviors.

This talk will explore the IoB Subproject's efforts to standardize the representation of cyber adversary behaviors, enhance the sharing of behavioral patterns across organizations, and improve analytics for behavior-based threat detection. We’ll also discuss how IoB builds upon the widely adopted STIX2.1 framework, incorporating behavior-based indicators for better detection and mitigation of threats. Attendees will gain insights into the latest developments in threat detection methodologies, including actionable playbooks and workflows designed to streamline incident response processes.

Indicators of Behavior (IoB) for Advanced Cyber Threat Detection

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

The CRO is a Senior Executive responsible for creating a modern resilience capability. They not only anticipate, defend and adapt to threats by studying the global landscape and asking, "Could this happen to our company?", but also by determining the best strategy to prevent it, and more importantly, do so in a way that positions organizations to capitalize on disruption and uncertainty.

Featuring:
• David Young: Business Continuity and Organizational Resilience Leader, Panasonic Energy of North America
• Chika Okoli: GRC Consultant, Miratech

Making the Business Case for a Chief (Cyber) Resilience Officer

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Space is a critical asset for the United States. It represents the nerve center of many advanced communications and defense systems vital to the economic and national security interests of the nation. NIST is partnering with NASA’s Jet Propulsion Laboratory in the first of its kind experiment to use the security design principles in SP 800-160, Volume 1 to protect a real space flight system. This session will describe the pilot project’s strategy, hypotheses, objectives, outcomes, and metrics for success.

Protecting Cyber-Physical Space Systems: The SunRISE Engineering-Based Security Pilot Project

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

The NICE Framework provides standard language for describing cybersecurity work. In 2024, the NICE Program Office at the National Institute of Standards and Technology (NIST) published 11 Competency Areas aimed at supporting assessment and professional development in emerging and multidisciplinary cybersecurity domains, including Cyber Resiliency. Following engagement with diverse subject matter experts, the NICE team has developed an inventory of Knowledge and Skills that practitioners of cyber resiliency need to do their jobs. 

This presentation will explain Competency Areas and summarize the development of the Cyber Resiliency Competency Areas. It will also highlight opportunities for applying the Cyber Resiliency Competency Area across areas of cybersecurity work represented in the NICE Framework. Finally, the presentation will provide information about how stakeholder can engage in the continuing improvements to the NICE Framework.

Cyber Resilience in the NICE Framework — A New Benchmark for Professional Competency

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Organizations often rely heavily on industry best practices and standards to guide and reassure them in deciding how to enhance their cyber resilience posture. However, knowing what “good resilience” looks like in theory is proving a necessary but insufficient condition to drive meaningful improvements in the resilience of our increasingly digital enterprises and economies. To move the dial on better outcomes, we need to be willing to look below the surface of our network topologies and be radically curious about the human and interpersonal complexity we find underneath. 

In this talk, Anne Leslie will delve into the intricate, unspoken dynamics that exist between diverse stakeholder groups with diverging incentives and competing interests, best-practice domain expertise, organizational processes, and defensive technologies in achieving robust cyber resilience, drawing on actionable insights from the disciplines of dispute resolution, negotiation, and psychology. By examining how individual and group identities, behaviors, emotions, and power dynamics collide in our organizations, she will offer participants a new mental model for thinking about how to drive better cyber resilience outcomes, with practical recommendations for navigating the complex decision-making and operational steering that underpin all cyber resilience-building efforts.

Cyber Resilience: It's Time to Get Our Best Practices to Deliver Better

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

In this session we will review Sheltered Harbor Data Vaulting, which is designed to enable a financial institution to survive despite a severe but plausible outage such as might result from a cyber attack that causes the loss of all customer data.

Data Vault and Isolated Recovery Environment

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/6857/

Cyber resilience has become a trendy, all-purpose concept on which everyone can hang whatever they like. If we want our organizations and ecosystems to become more 'cyber resilient', it makes sense to first establish common ground on what cyber resilience actually means. It is not synonymous to cybersecurity nor operational resilience, and it is more than just adding response and recovery to prevention into a cocktail blender. 

You're invited to join discussions on high value targets, critical asset taxonomy, threat informed defense, threat modeling, best-in-class cyber resilience frameworks, cyber resilience architectural concepts and methodologies & cyber resiliency skills. We will point as well to the Cyber Resilience Manifesto as a foundational compendium to this talk.

Featuring:
• Francesco Chiarini: ISSA, High Value Target
• Patrick Lechner: Co-Founder, Managing Director, resion - innovative cyber resilience
• Mehdi Azaouioui: ISSA, CEO LimberSecurity

Demystifying Cyber Resilience

Acronyms such as IOCs (indicators of compromise) and IOAs (indicators of attack) are ubiquitous in the security industry. But a recent SANS Institute survey revealed that a vast majority of security professionals don't even know how many indicators they receive or can use. Join DomainTools Sales Engineer, Taylor Wilkes-Pierce to learn how IOCs and IOAs can work in tandem to build your own threat intelligence, enrich your investigations and overall security strategy. 


In this webinar, you will learn

How security professionals go about sourcing indicators
What can you do with IOCs/IOAs after locating valuable indicators
To pivot through threat actor infrastructure and determine the "Who" and the "How Bad".

Moderator: 
C-A Washington, Founder, Image & Etiquette Institute

Speakers:
Taylor Wilkes-Pierce, Sales Engineer, DomainTools
Ken Dunham, Senior Director, Technical Cyber Threat Intelligence, Optiv
Greg Reith, Sr. Solutions Architect, CenturyLink

The Threat Intelligence Playbook: Keys to Building Your Own Threat Intelligence

Threat Intelligence

SANS

Indicators of Compromise

Indicators of Attack

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Threat Intelligence Playbook: Keys to Building Your Own Threat Intelligence

Presented by

About this talk

More from this channel