Rethinking Organizational Threat Intelligence
Resecurity CTO Christian Lees on How Organizations Can Improve Their Risk AppetiteEffectively leveraging threat intelligence can be very difficult when an organization does not know its environment thoroughly. In such a case, the challenge for the organization is to identify its weaknesses, according to Christian Lees, CTO of Resecurity.
See Also: How to Take the Complexity Out of Cybersecurity
The mark of a good or mature threat intelligence program lies with the organization's ability to talk internally about risk from senior management to the C-suite. "So, finding a way to discuss risks successfully in a more benign, technical way can help an organization to define its appetite for risk better," Lees said.
He said that threat intelligence has become "buzzy" over the years. "If we were to look in a rearview mirror, 10 years ago, threat intelligence was probably a lot different - let's just call it IP reputation feeds," Lees said. "Fast-forward to today - it's quite complex." He pointed out there is no standard practice on the dark web among thousands of threat actors: "We all talk about dark web. We all talk about how complex it is, but we don't know a lot about it."
In this video interview with Information Security Media Group at RSA Conference 2023, Lees also discusses:
- The value of a well-thought-out threat intelligence program;
- How to make organizational threat intelligence programs successful;
- How Resecurity is addressing threat intelligence challenges for its customers.
Lees brings over 35 years of experience in the cybersecurity and IT industry, with a proven track record of building technology for vulnerability assessment, intrusion detection, network security and DDoS mitigation at Resecurity, Trustwave, Level 3, MCI and IBM. He previously served as CTO for Vigilante ATI (acquired by ZeroFox) and CTO of InfoArmor (acquired by AllState).