Dr. Almerindo Graziano is the CEO of Silensec, a management consulting, technology services and training company, specialized in information security services. Dr Graziano holds an MSc in Electronic Engineering and a PhD in mobile computer security, both from the University of Naples, Italy. For five years he was also the founder and course Leader for the MSc in Information Systems Security at Sheffield Hallam University, in collaboration with the British Standard Institution (BSI).
He has personally authored a number of training courses from ethical hacking to intrusion detection, along with the first ever ISO27001 Lead Implementer certification course offered by BSI worldwide. His areas of expertise include standards compliance (e.g. ISO27001, ISO22301, PCI DSS), IT infrastructure protection, design of SIEM and Log Management systems and development of the development of cyber threat intelligence capabilities. He has consulted in formation security for private and government organizations across Europe, Africa and Middle East. He also works as a cyber security expert for International Telecommunication Union (ITU) regularly delivering cyberdrills exercises and workshops for national CERTs and governments around the world.
www.silensec.com / firstname.lastname@example.org /Twitter: email@example.com
First Steps in Cyber Threat Intelligence
Many look at Cyber Threat Intelligence as the ultimate solution, the true and only silver bullet that will protect the organization from all kinds of cyber threats. Then comes the realization of the large investments required. Very few professionals realize what can be achieved with free and open-source solutions, often to a level that closely compete with commercial solutions. In this talk, the author will outline the options available to organizations when developing a cyber threat intelligence capability, along with best practice to follow and requirements to be met.
The author will begin by providing an overview of CTI development process and he will then present a number of tools and resources that can readily provide cyber threat intelligence to the organization. The talk will conclude with recommendations for choosing the right CTI providers, solutions and technologies to match the organization’s requirements and risk appetite.