Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development , Security Operations

Threat Intel Beyond the SOC: A Holistic Approach

Google's Tim Gallo on Creating More Proactive, Integrated Defenses
Tim Gallo, head of global solutions architects, Google

Integrating cyberthreat intelligence across all business operations is essential for enhancing security and managing risks effectively. But that valuable threat intel should not be limited to security operations centers, said Tim Gallo, head of global solutions architects, Google.

See Also: Enhancing Cyber Defense with AI-Powered SOCs

Good threat intel can help organizations identify common adversary methods and uncover motives such as criminal activities or espionage. This proactive defense strategy, Gallo said, involves understanding which assets are "crown jewels."

"Those are the things that are most important to us, which give us an idea of what types of adversaries are going to target us because they have specific TTPs that they've developed," he said. "At the same time, it gives us an idea of what tools they are going to use, so we know what we should be looking for and how we can more effectively defend."

In this video interview with Information Security Media Group at ISMG's North America Midwest Summit, Gallo also discussed:

  • How cyberthreat intelligence teams can provide guidance on data handling;
  • The need for proactive defense measures against criminal espionage or supply chain attacks;
  • Why cybersecurity teams cannot rely on technology alone.

Gallo has more than 25 years of experience in risk assessment, sales, technical leadership, cloud computing and cybersecurity. At Google, he leads a dynamic team of solutions architects specializing in cyberthreat intelligence and risk. Previously, he was the principal architect at Mandiant.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.