Enterprise use of threat intelligence in cyber security has matured far beyond amassing a sea of raw data about threats, vulnerabilities, and indicators of compromise. This information provides the necessary foundation, but the true value of threat intelligence is derived from critical capabilities such as:
- Automating the integration of information from multiple, trusted sources with your existing tools
- Identifying more quickly the threats that are specifically relevant to your organization
- Prioritizing the threats that represent the greatest potential impact, across your current environment
- Accelerating the time to investigate and make decisions about how to respond
- Reducing the time to remediate, using action-oriented guidance
In this webinar, Aberdeen Vice President and Research Fellow, Derek Brink and IBM Security [speaker, role] will describe the value of threat intelligence in practice, by framing it from the unique perspective of four roles in the typical enterprise:
- Level 1 analysts — e.g., real-time monitoring, initial investigation and information-gathering, and escalation
- Level 2 / 3 analysts — e.g., in-depth investigation, incident response, and threat hunting
- Operational leaders — e.g., Security Operations Center leadership, reporting, and communication
- Strategic leaders — e.g., Chief Information Security Officer leadership, resource allocation, risk management, and communication