Join SANS for this innovative 1-day event as we focus on enabling organizations to build effective cyber threat intelligence capabilities.
Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful intrusion. An evolution in the goals and sophistication of computer network intrusions has rendered these approaches insufficient for the threats facing many modern networked organizations. A new class of adversaries, appropriately dubbed the "Advanced Persistent Threat" (APT), represents well-resourced and trained adversaries that conduct multi-year intrusion campaigns targeting highly sensitive and valuable data in an attempt to gain a competitive edge, particularly in international business and law, or nation-state political and military affairs. These adversaries accomplish their goals using advanced tools and techniques designed to circumvent most conventional computer network defense mechanisms and remain undetected in their intrusion efforts or presence on networks over long periods of time.
Network defense techniques which leverage knowledge about these adversaries - known as cyber threat intelligence - can enable defenders to establish a state of information superiority which decreases the adversary's likelihood of success with each subsequent intrusion attempt. Threat intelligence can be a force multiplier as organizations look to update their security programs and defenses to deal with increasingly sophisticated advanced persistent threats. Security managers need accurate, timely and detailed information to continuously monitor new and evolving attacks, and methods to exploit this information in furtherance of an improved defensive posture. Make no mistake about it: contemporaneous computer network defense contains a strong element of intelligence and counterintelligence that analysts and managers alike must understand and leverage.
The goal of this summit will be to equip attendees with knowledge on the tools, methodologies and processes they need to move forward with cyber threat intelligence. The SANS What Works in Cyber Threat Intelligence Summit will bring attendees who are eager to hear this information and learn about tools, techniques, and solutions that can help address these needs.
Looking forward to seeing you March 22nd in Washington, DC.
Mike Cloppert and Rob Lee
Cyber Threat Intelligence Summit Co-Chairs