We've built an intelligence-driven security operations program over the years, and would like to impart our wisdom to the security community. There's a lot of formalization and "best practices" out there, but often times we learn that these can be quite unwieldy. I will communicate what we've learned in building a cyber intelligence program with the backdrop of a lot of information available on the subject. At the end of the talk, hopefully you will come away thinking about cyber intelligence in terms of some simple components you can start with, and build from, to gradually evolve into a business-focused operation for your team.
Coleman Kane is the Principal Technologist for GE Aviation's security operations team in Cincinnati. He built the Cyber Intelligence program from the ground up, as well as working on teams developing sensoring and malware analysis platforms for the company. Coleman currently teaches cyber security courses as a Ph. D. candidate at the University of Cincinnati.