Austin

Deep in the heart of Texas

Though the city of Austin, TX is known for many things—great music, great BBQ, and the infamous SXSW Festival—it’s about to become known for one more: MISTI’s Threat intelligence Summit. Heading into its third year, the 2017 event has an exceptional speaker lineup comprised of threat intel and security operations center (SOC) practitioners who are gearing up to talk about the ins and outs of the day-to-day working in intel and operations.

The Threat Intelligence Summit won’t be about tchotchkes and security “rock stars,” but if you’re looking for practical advice on how to spin up a threat intel program, how to best integrate intelligence into operations, how to determine what’s actually intel and what’s just data, how to discriminate between sources, and how to use intel to inform risk management, this two-day event on November 29-30, 2017 will be hotter than pit-smoked ribs straight off the grill.

The stars at night are big and bright

The summit kicks off on Wednesday morning (long after you’ve recovered from your Thanksgiving turkey hangover) with a keynote from Austin’s own Brian Engle, Founder and CEO of Riskceptional Strategies, with a talk entitled, “The Castaway’s Guide for Escaping Threat Intel Island.” This keynote will address the complexities of running a business, and thus identifying threats, in today’s highly-connected enterprise. Whether your organization is a small family business or a large multinational, every company maintains dependencies on outside entities. Those relationships can introduce additional threats (Think: Target breach and how the entry point was a small HVAC vendor).

As the former Executive Director of the Retail Cyber Intelligence Sharing Center, Engle knows a thing or two about best practices on information sharing. During this opening keynote, Engle will address how security, threat intel, and operations teams can start sharing information to solve some of the problems businesses encounter when they try to operate in isolation.

The following day, Larry Whiteside, Co-Founder of Smart Hive and self-proclaimed Recovering CISO, will set the audience straight in his no-BS keynote, “Stop Buying Crap that Doesn’t Help You Deal with Real Threats.” Whiteside will address the industry’s propensity to layer the “latest, greatest” security products on offer instead of leveraging the tools and telemetry already present in most organizations’ systems. At the heart of this straight-shooting talk will be security fundamentals and skills development—things that should always be the core of any security program. Regardless of your organization’s budget, technology environment, or staff resources, Whiteside will show you how you can improve threat identification, prevention, and detection.

The prairie sky is wide and high

Following the keynotes on both days of the summit, we’ll have two jam-packed tracks: Tools, Tactics, and Techniques and Strategy. Understanding that no two organizations have threat intelligence programs at the same level of maturity or the same resources available to them, the Threat Intelligence Summit agenda will offer options for those just starting out, as well as those who maintain a robust program.

Kicking off the Strategy track, Brian Struc, Senior Information Security Analyst at First Command Financial Planning, will present “Riding the Log Flume: Please Keep Your Policies and Procedures Inside the Company at All Times.” During this advice-filled talk, attendees will learn how to use company-specific log data to obtain better and more actionable threat intelligence. Threat intelligence, after all, must be unique to each organization—and what better source of applicable information is there than log telemetry? That said, threat intelligence certainly is not log management. Struc will explain how to systematically implement logs, meaningfully correlate data, then turn that data into intelligence the organization can use to improve performance, compliance, and communication, with the ultimate goal of risk reduction.

What would a security conference be these days without a discussion of staffing? The talent shortage is top of mind for everybody, especially when it comes to bulking up a newer discipline like the threat intelligence team. Well, take it from somebody’s who’s grown his own, Dave Ockwell-Jenner, Senior Manager, Security Threat & Operational Risk Management (STORM) for SITA, a global air transport communications and information technology company. Nearly every airline passenger relies on SITA—talk about high stakes! Therefore, Ockwell-Jenner has had to not only build a team, but ensure that he has the best and brightest.

In his talk, “Cultivating Intel Superheros,” Ockwell-Jenner will share his experience finding, recruiting, and training A+ employees in a short timeframe. He’ll explain how the best intel professionals might hail from unexpected places, and how you can harness various skill sets and personalities to build your own world-class threat intelligence team.

The sage in bloom is like perfume

On the Tools, Tactics, and Techniques side, Anthony Zech will merge his current experience working on the cyber intelligence team for a multinational organization and his 11 years as a U.S. Marine where he served as an all-source Intelligence Officer to bring attendees, “Intelligence Preparation of the Battlespace and Cyber Threat Intelligence.” The idea behind this talk is that, though cyber threat intelligence (CTI) emerged from traditional military intelligence, many CTI programs ignore the longstanding processes and procedures that have—for centuries—made military intelligence reliable and effective.

Zech will walk attendees through Intelligence Preparation for the Battlefield, a U.S. Military doctrine that can help CTI teams prioritize resources to match business objectives, understand the organization’s unique threat environment, and contextualize threat intelligence to enable improved decision making. The ideas presented in this talk won’t be without controversy, but it is guaranteed to make you think objectively about how to improve your own CTI program.

Carla Panattoni, Risk and Threat Analyst, Intelligence Monitoring & Reporting program at the University of Washington, will share details from her years of research into the psychopathologies of cyber criminals. How cyber adversaries think ultimately affects how they operate—and how they will target your organization—so gaining an understanding of criminals’ thought processes is of critical importance if your organization expects to defeat cyber crime.

During her talk Panattoni will share with attendees how cyber adversaries promote strategic and fundamental objectives, how and why anonymity complicates prevention and detection measures, and how organizations can apply the principles of trust and confidence building to advance efficacy of the threat intelligence team.

Deep in the heart of Texas

The above are just a few of the sessions in which attendees can participate at the summit. Check out the full agenda for more information about the event, your favorite speakers, and topics of interest. For additional learning opportunities, we are also offering three hands-on workshops, pre- and post-summit:

  • Data Breaches will Happen…How You Recover Defines Your Company
  • The Art and Science  of Human Hacking
  • Blended Threat Assessments: Strategies for Maximizing Value from Red Team Security Testing

In addition to the planned content, the summit will include plenty of networking time for you to meet new security colleagues and reconnect with familiar faces. So get ready for Austin! It’s got rock and roll, BBQ, and (hopefully) you—learning new things about threat intelligence and sharing your own perspectives with the industry. We’ll be deep in the heart of Texas at the end of November; will we see you there, too?