@lotusebhat

Mark Arnold

@eg0sum

Mark Arnold, PhD, GXPN, CISSP, CISM has more than 20 years of technical and senior leadership in the information security space. He’s an advisory board member for OWASP Boston, SOURCE Conference, Boston Application Security Conference (BASC), and InfoSecWorld 2018. He is CISO/Sr. Director at Navisite and most recently a cloud researcher at Optiv.

Image result for will gragidoWill Gragido is a seasoned security professional with over 20 years’ experience in networking and information security. Will’s extensive background is the result of his service as a United States Marine, a consultant with the world renowned International Network Services, Internet Security Systems (now IBM ISS), McAfee, Damballa, Cassandra Security, RSA NetWitness, Carbon Black, Digital Shadows and now Digital Guardian where he leads the organization’s Advanced Threat Protection Product Line as its Director. Lead author and co-author of three Syngress Press titles

Hacking Intelligence – The Use, Abuse, and Misappropriation of Intel for for Fun and Mostly Profit

The appropriation of intelligence (and/or its art) within the security industry has raised the ire of many trained intelligence practitioners in the field. Some bemoan the fact that intelligence has been hijacked for profit with disregard of the discipline’s basic tenets. These tenets include but are not limited to tradecraft, life cycle, theory, analysis, application, and generation of actionable intelligence. On the other side of the aisle, security leaders have been tasked to implement threat intelligence within their respective security programs (maybe *because it has become fashionable to do so). More than not, however, such goals have proven elusive. Further, security leaders who procure intelligence products marketed to them are often left feeling they’ve been sold a bill of goods when those products fail to deliver.
This talk shares the results from conversations between a security expert/professional trained in the field of intelligence and a practitioner/researcher/leader not classically trained in the discipline. We discuss the uses, abuses, and misappropriations of intel with the hopes of forging a better path forward in this subject area. We do this by asking questions like \”What is cyber intelligence,” What does it look like and where is it going,” and lastly, \”How should it be used?”
To be covered:
• Tenets of intelligence
• The discipline of intelligence
• Why has CTI been in the “hype cycle”? Why do people care?
• What does cyber threat intelligence get us? Hacking the discipline

Come and see Mark and Will at RVAsec! Register Now.