This presentation forms part of the CTA's Threat Intelligence Practitioners' Summit
Thursday 3 October 14:30 - 15:00, Small Talks room
Noortje Henrichs (NCSC-Netherlands), Hossein Hadian Jazi (Fortinet), Kathi Whitbey (Palo Alto Networks Unit 42), Righard Zwienenberg (ESET)
These days, CTI-teams are as busy as ever. Their services and products are in high demand, as well as their analysis on the latest cyber attacks.
Experts in the field of cybersecurity have written extensively on what cyber threat intelligence (CTI) actually is, and how to implement it within organizations. But there is not much material on the topic of CTI teams, and on the people who work together in those teams. How do we build such a team? What kind of skills are you looking for? Do we need only technical specialists or do we also need other abilities to paint a clear picture of the threat landscape?
These questions are not only relevant in a time when CTI often gets confused for 'just your IoC-feed.' They are also addressing the shortage of qualified personnel. Because when we talk about recruiting CTI specialists, are we even looking in the right places?
This panel covers the building of a CTI team from different perspectives, as well as recruiting, skills and education, and bridging the talent gap. Join our team for a discussion on a rare topic!
Hossein Jazi Hossein Jazi is a senior threat intelligence specialist at Fortinet, where he contributes as an active researcher with interests in APT tracking, malware analysis, cyber threat intelligence, and machine learning. His current efforts are centred on identifying and monitoring APT activities, along with publishing insightful blogs on their operations. In addition to these projects, Jazi is focused on developing proactive techniques to monitor cyber threat actors' actions and collaborating with various partners to enhance cyber threat research capabilities. He holds a Master's degree in computer science and has over 14 years of experience specializing in cybersecurity and APT analysis. |
|
Righard Zwienenberg Righard Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems. His interest thus kindled he has studied virus behaviour and presented solutions and detection schemes ever since. Starting as an independent consultant, later as R&D Manager at CSE Ltd, as a researcher for ThunderBYTE, as Chief Research Officer at Norman, and currently as Senior Research Fellow at ESET. Over the years he has served in many extra roles in different industry organizations. Currently he is still serving on the board of AVAR, on the Technical Overview Board of the WildList and as the Vice Chair of the Executive Committee of IEEE ICSG. In 2018, Zwienenberg joined the Europol European Cyber Crime Center (EC3) Advisory Group as an ESET representative. Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars – and general security seminars.
|
Back to VB2024 conference page