Tasked with the daunting mission of establishing a Cyber Threat Intelligence (CTI) capability amidst limited experience, tools, and resources? You're not alone. Dive into a real-life narrative where similar challenges were faced head-on. It all started with pinpointing the organization's most invaluable assets and recognizing the need to shield them. The journey progressed through the intricate layers of CTI, learning the nuances of the 'Who,' 'Why,' 'How,' 'Where,' and 'What' of potential threats. Fostering collaboration became vital: turning to Information Sharing and Analysis Centers (ISACs) for sector-specific insights and building invaluable alliances with government agencies. Internally, it was crucial to carve out and define the CTI role to bridge gaps and facilitate collaboration. Using free and paid resources/tools like our SIEM, Security and Vulnerability Management Solutions I was able to merge internal and external perspectives, and translate them into actionable items. Whether you're swimming in resources or navigating on a shoestring budget, this tale of tenacity, resilience, and innovation will inspire and guide those aiming to fortify their cyber defenses from ground zero.
View upcoming Summits: www.sans.org/u/DuS
SANS Cyber Threat Intelligence Summit 2024
Zero to CTI: A Novice’s Journey into Threat Intelligence
Garland Curry, Cyber Threat IntelligenceOfficer, Pediatrix Medical Group