This presentation forms part of the CTA's Threat Intelligence Practitioners' Summit
Thursday 3 October 14:30 - 15:00, Small Talks room
Noortje Henrichs (NCSC-Netherlands), Hossein Jazi (Fortinet), Kathi Whitbey (Palo Alto Networks Unit 42), Righard Zwienenberg (ESET)
These days, CTI teams are as busy as ever. Their services and products are in high demand, as well as their analysis on the latest cyber attacks.
Experts in the field of cybersecurity have written extensively on what cyber threat intelligence (CTI) actually is, and how to implement it within organizations. But there is not much material on the topic of CTI teams, and on the people who work together in those teams. How do we build such a team? What kind of skills are we looking for? Do we need only technical specialists or do we also need other abilities to paint a clear picture of the threat landscape?
These questions are not only relevant in a time when CTI often gets confused for 'just your IoC-feed'. They are also addressing the shortage of qualified personnel. Because when we talk about recruiting CTI specialists, are we even looking in the right places?
This panel covers the building of a CTI team from different perspectives, as well as recruiting, skills and education, and bridging the talent gap. Join our team for a discussion on a rare topic!
Noortje Henrichs Noortje works at the Dutch National Centre for Cybersecurity (NCSC) and leads the Threat Analysis team and the Cyber Threat Intelligence team. From collection to dissemination, she is responsible for the execution of all phases of the threat intelligence lifecycle. She aims to deliver relevant and timely information on generic as well as sector-specific digital threats to the NCSC constituency. As part of a national CERT, it is her mission to offer partners, institutions and organizations a complete national threat landscape that combines technical information with tactical context (and vice versa). As a team lead, she underscores the importance of combining different skills and diversity in CTI-teams. She is a frequent speaker on that topic and highlighted the importance of diversity in CTI in the 2024 edition of KPN NLSecure[ID] and in the podcast 'All the Cyber Ladies'.
|
|
Hossein Jazi
|
|
Kathi Whitbey As the Lead Principal Program Manager for Unit 42, Kathi focuses on cross-team collaboration, reporting on business milestones, process improvements, maintaining strong relationships with stakeholders and partners, evangelizing threat intelligence information sharing, and is the Chief Morale Officer. Kathi is passionate about sharing her story of transition into cybersecurity and working with people to make their own experiences relatable to the world of cyber. Kathi was an integral part of the process of incorporating the Cyber Threat Alliance (CTA), one of the most successful threat intelligence sharing organizations to date. In addition, she was one of three technical resources from Palo Alto Networks who worked closely with the Girl Scouts of the USA to develop 18 Cybersecurity Badges. In her free time, Kathi has enjoyed volunteering as an Emergency Medical Technician (EMT) and Girl Scout leader. Kathi has an M.S. degree in information systems and over 25 years of experience in information technology and software development. Fun fact: Kathi has travelled to 40 different countries, to include living in Djibouti, Africa for 12 months, and running a half marathon in Antarctica.
|
|
Righard Zwienenberg Righard Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems. His interest thus kindled he has studied virus behaviour and presented solutions and detection schemes ever since. Starting as an independent consultant, later as R&D Manager at CSE Ltd, as a researcher for ThunderBYTE, as Chief Research Officer at Norman, and currently as Senior Research Fellow at ESET. Over the years he has served in many extra roles in different industry organizations. Currently he is still serving on the board of AVAR, on the Technical Overview Board of the WildList and as the Vice Chair of the Executive Committee of IEEE ICSG. In 2018, Zwienenberg joined the Europol European Cyber Crime Center (EC3) Advisory Group as an ESET representative. Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars – and general security seminars.
|
Back to VB2024 conference page