Security Intelligence is the study of a significant amount of data from internal and external sources. The correlation of that data, is how we determine what security measures are necessary and effective in our enterprise, and which security measures are useless, or less than effective.
There are plenty of Honeypots and other measures to collect Security Intelligence. But many enterprises follow outmoded security measures, because they don’t actually collect any. Those enterprises are running on Security FUD, making decisions based on less than correct intelligence and information. FUD is a poor place to make choices from. Wherever they get it from, security practices not based on data, aren’t based on real threats.
In this talk, we will learn tools to use to get the best intelligence, sources for good news on current and emerging threats, and the ways to utilize all this information to determine the most effective security measures to protect your organization.
We will examine some security measures that are utilized out of fear and inertia, not intelligence and information. We will discuss how you can garner the information to drive real change at your organization, from the business level, to the auditing level, to InfoSec trench level.