Threat intelligence brokerage revisited

Friday 5 October 13:30 - 14:00, TIS room

Juan Andrés Guerrero-Saade (Chronicle)



Private sector threat intelligence is a young industry teeming with unexpected perils. Anti-malware and infosec companies turned from technical analysis shops to political players overnight. While investigating state-sponsored or geopolitically significant threats brings notoriety, PR gains and sales gains, ethical conundrums also arise. At VB2015, we first discussed the uncomfortable subject of threat research as intelligence brokerage. Since then, the industry scenarios hypothesized therein have found expression in real-world clashes and ethical quandaries. Top-tier infosec firms continue to reinvent this nascent craft to provide greater protection capabilities and detect the next high-profile threat. But have we better defined the standards we hold ourselves to? What effect we should ultimately produce? And for whom? After three action-packed years of unbelievable high-profile cyber incidents, let’s reassess the state of threat research as intelligence brokerage.

 


Juan Andrés Guerrero-Saade

Juan Andrés specializes in tracking advanced threat actors and elucidating concepts of digital espionage. He was formerly Principal Security Researcher with Kaspersky Lab's GReAT team. Before joining Kaspersky, he worked as Senior Cybersecurity and National Security Advisor for the Ecuadorian government. Juan Andrés comes from a background of specialized research in philosophical logic. His latest publications include 'The Ethics and Perils of APT Research: An Unexpected Transition Into Intelligence Brokerage', 'Wave your False Flags! Deception Tactics Muddying Attribution in Targeted Attacks', and 'Walking in your enemy's shadow: when fourth-party collection becomes attribution hell'.

@juanandres_gs

 



