Cyber threat intelligence (CTI) has been growing in use and maturing in capability. But what is threat information without context provided by the operational, vulnerability and security data (located in management systems organizations already have in place)? To truly be mature, CTI must be able to integrate with all these systems (and more) for prevention, detection, response and workflow support.
How well are organizations integrating intelligence with their detection and response programs? Not well enough, but those that are do experience benefits of increased visibility, faster and more accurate detection and response, according to results of past SANS surveys on CTI.
In this webcast, SANS releases the results of their 2018 Cyber Threat Intelligence Survey that measures the maturity of CTI programs based on how useful threat intelligence information is to security and response operations.
In this webcast, survey author and SANS Senior Instructor Dave Shackleford will discuss:
- The usefulness of intelligence
- What departments within the organization are utilizing intelligence and how
- What works, what doesn't work: Best practices for utilizing intelligence
- Future uses for intelligence