Levelling up: why sharing threat intelligence makes you more competitive

Presented at VB2018, Oct. 5, 2018, 2 p.m. (30 minutes).

The cybersecurity community has talked about intelligence sharing for 30 years, but progress in actually sharing has been slow. While many factors have hindered threat intelligence sharing, lurking in the background for cybersecurity companies has been the suspicion that if you are sharing, you are degrading your competitive advantage. However, threat intelligence sharing enhances your competitive advantage rather than weakening it. First, no single company can detect every cyber threat to every target organization all of the time; this means that in order to understand the big picture, you need threat intelligence from multiple sources. Second, threat intelligence data can be useful by itself, but the real value for your customers comes from what you do with the data - which means that access to more diverse data and points of view is better. Third, no single company can impose significant costs on our adversaries, which means that if we want to disrupt the bad guys systemically, threat intelligence sharing is a critical enabler. The question then becomes: how do we make intelligence sharing a reality in the cybersecurity industry? This talk will provide real-world examples of sharing between competitors from our experience at the Cyber Threat Alliance and will illustrate these three points.

Presenters:

• Michael Daniel - Cyber Threat Alliance
  Michael Daniel Michael Daniel currently serves as the President & CEO of the Cyber Threat Alliance (CTA). CTA works to improve the cybersecurity of our global digital ecosystem by enabling real-time, high-quality cyber threat information sharing among companies and organizations in the cybersecurity field. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy and ensured that the US government effectively partnered with the private sector, non-governmental organizations, and other nations. Earlier in his career, Michael worked for the Office of Management and Budget from 1995 to 2012, overseeing the budgets for the U.S. Intelligence Community and other national security programs. Michael currently lives in Arlington, Virginia with his wife and two sons. In his spare time, he enjoys running and martial arts. @cyallianceprez

Links:

• https://www.virusbulletin.com/conference/vb2018/abstracts/levelling-why-sharing-threat-intelligence-makes-you-more-competitive
• https://www.virusbulletin.com/uploads/pdf/conference_slides/2018/Daniel-VB2018-SharingThreatIntel.pdf

Similar Presentations:

• THOTCON 0x7 (2016) / Sharing is Caring: Understanding and measuring Threat Intelligence Sharing Effectiveness
• BSidesSF 2016 / Sharing is Caring: Understanding and measuring Threat Intelligence Sharing Effectiveness
• VB2019 / Panel: How can you operationalize threat intelligence?