Collective Intelligence Podcast, Kris Mansson of Silobreaker
When the enterprise considers what threat intelligence is all about, it thinks in terms of technical, structured information: indicators of compromise, IP addresses, domains, hashes, and more. The journey to structure, however, begins with unstructured data, often vacuumed up from a quite sizable number of open and Deep & Dark Web sources.
In this episode of the Collective Intelligence Podcast, Kris Mansson, Silobreaker’s chief executive officer, explains how organisations are struggling with unmanageable volumes of security data, and their desire for context around that data in order to make better decisions about threats to their networks, resources, or people.
Even with threat intelligence platforms or security information and event management systems, organisations can still be overwhelmed by security alerts and data culled from dozens and dozens of sources. As Mansson said, “Now it’s a prioritisation game.”
Technology and analysis that brings some measure of context to an avalanche of data and threat information enables organisations to understand the motivations behind what threat actors are up to, and what they’re up to on the open and dark webs. What vulnerabilities are attackers discussing? What code are they sharing? What exploits are for sale? Combine those insights with geopolitical activity, financial, or social machinations, and structured data begins to have context, and a road to finished threat intelligence materialises.
“We are trying to do the heavy lifting in terms of processing data and freeing up time for analysts to make decisions on top of it,” Mansson said. “Access to data is a given. It’s what you do with it that makes a difference.”
Mansson and Flashpoint Editorial Director Mike Mimoso also discuss the use cases for this approach to bringing structure to data and the journey to threat intelligence, as well as how cyber threat intelligence teams inside organisations are absorbing more responsibilities and expanding out to physical security, fraud, and other realms outside of cyber.
The Collective Intelligence Podcast, presented by Flashpoint and hosted by Editorial Director Mike Mimoso, features regular interviews with a diverse set of industry experts and Flashpoint analysts on the latest information security news and industry trends.