Unexpected Pairings: Wine Tasting and Threat IntelligenceCertified Sommelier Allan Liska on the Deductive Craft of Understanding Threats
In his spare time, ransomware expert Allan Liska likes to taste wine, so much so that he recently became a certified sommelier. While he thought he was branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the two processes.
"The deductive tasting process is a lot like threat intel," he says. "Threat intel works because we have a history of attacks. And we can compare new attacks against those because bad guys don't change their techniques all at once. They evolve, but they evolve slowly. Well, wine tasting is the same way."
In a video interview with Information Security Media Group at RSA Conference 2022, Liska also discusses:
- His work with the Ransomware Task Force and next steps;
- Ransomware trends;
- Advice for anyone who wants to get a job in threat intelligence.
With more than 20 years of experience in ransomware and information security, Liska has improved countless organizations' security posture using more effective intelligence. At Recorded Future, he provides ransomware-related counsel and key recommendations to major global corporations and government agencies. Liska, who works as a security practitioner and ethical hacker at Recorded Future, previously held similar roles with Symantec, iSIGHT Partners and FireEye. He serves on national ransomware task forces and speaks at global conferences. He has authored numerous books, including "The Practice of Network Security," "Building an Intelligence-Led Security Program," "NTP Security: A Quick-Start Guide," "Ransomware: Defending Against Digital Extortion," "DNS Security: Defending the Domain Name System" and "Ransomware: Understand. Prevent. Recover."