Gartner Summit: Building a Cyber Intelligence Team
Jun 24, 2014
2 minutes
1 views
Palo Alto Networks CSO Rick Howard addressed attendees at the 2014 Gartner Security and Risk Management Summit on Monday, emphasizing the hows and whys of building a cyber intelligence team. What's needed is not just "intelligence" but actionable intelligence; as Rick explained, "sometimes there is too much data and not all intelligence is created equal."
Rick urged attendees to focus on how security analysts pull in intelligence and use automation, processes and tools to qualify intelligence data, build profiles of cyber security adversaries -- who they are and why and how they would want to steal data -- and also work with peers to share information, best practices and actionable insights when dealing with those adversaries.
The incident response model from 10 years ago is too focused on reacting to cyber events that are already happening, Rick noted. "You were cleaning up the biggest messes because those were easier to see," Rick said. "It's the attacks you aren't seeing and don't know about -- that's where an intelligence team comes in handy and all of its learnings can be used to protect your assets."
Rick led a discussion with two representatives from Palo Alto Networks customers, Adam Rice, CISO at ATK, and Sheryl Hanchar, Senior Manager of Security for Broadcom.
The Gartner Summit continues through Wednesday. Visit Palo Alto Networks at Booth #308 during exhibit hours and check out some photos from the conference below.
Related Blogs
Our library of online content is here to help you learn more, no matter what format you prefer or which topic interests you most.
Subscribe to the Newsletter!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.