Applying Threat Intelligence Practically to Meet the Needs of an Evolving Regulatory Environment

Подробнее о видео

Effective and operationalized threat intelligence is required now more than ever. Even as organizations around the world grapple with shifting market conditions, an increasingly complex regulatory environment is also emerging that will impact cybersecurity programs and processes across many sectors. More recent examples such as DORA and the September 2023 SEC ruling concerning material cyber incidents join established frameworks such as those from NIST and the UK's Cyber Assessment Framework (CAF). Threat intelligence can help organizations develop, prioritize, and action plans and strategies as part of threat and risk management, which ultimately informs these regulatory and compliance assessments. However, a universal threat intelligence methodology or crosswalk does not exist, challenging organizations and threat intelligence professionals with navigating multiple guidelines and standards for operationalizing threat intelligence to meet these expectations. We have approached this challenge by identifying common themes we see across security assessments around the world which intersect with or are dependent on threat intelligence. From these themes, we further identified methods and practices that have led to more operationalized threat intelligence within organizations, while considering varying levels of maturity and resource availability. Our presentation will provide attendees with examples for operationalizing threat intelligence in the context of common themes we see as part of these assessments. We further provide leading practices concerning how this information can be more broadly applied through the context of threat intelligence maturity. This includes how threat intelligence can be integrated within: Organizational strategies and charters; The development of priorities and requirements; Collection evaluation and management; Security operations playbooks; and, Threat modeling scenarios.

View upcoming Summits:

SANS Cyber Threat Intelligence Summit 2024
Applying Threat Intelligence Practically to Meet the Needs of an Evolving Regulatory Environment
Sierra Stanczyk, Manager, PwC Threat Intelligence
Rachel Mullan, Director, PwC UK’s Cyber SecurityPractice, PwC