Page 10 - index
P. 10
Threat Intelligence & RSA
RSA 2015 was very much the year of Threat Intelligence. That is the overwhelming sensation
one is left with as the dust settles on the RSA conference for this year. Perhaps more than any
other expression Threat Intelligence (TI) was the one that everyone seems to have adopted and
made their own this year. I was trying to count the number of times I saw that phrase as I
walked down the exhibition halls and I gave up after 3 minutes. I think by that that time I had
seen the phrase at least on 15 booths.
I was surprised that even traditional SIEM vendors had adopted this term in an attempt to define
their own solutions. But what this perhaps reflects is that end users have an increasing urgency
and need for TI.
Listening to the many people that came to speak to Blueliv it was clear there is a need for TI but
end users are not quite sure how to deploy and use TI. I was also struck by the fact that the
words APT seemed to have faded somewhat into the background noise of the conference. This
was the buzzword of last year and this year there seems to have been a significant shift towards
trying to grapple with and understand how best to deploy and use TI.
Integration was the second theme that struck me has coming to the foreground this year. There
were many people that spoke to me about their frustration as to how the tools that are supposed
to identify security compromises more often than not fail to do so. What could be done to try
and improve existing security real estate that has already been deployed?
There is no appetite to rip out expensively installed hardware, what there was however was a
desire to feed threat intelligence into these devices to make them smarter. So what I heard from
the many that visited the Blueliv booth was can TI be integrated with what I have already
deployed? From the Blueliv perspective the answer was a resounding “yes it can”.
Finally, from a personal perspective, what for me was the most enjoyable part of the conference
was the diverse range of organizations that were present there. I think I just about spoke to
everyone from all of the continents around the world! Or is that my mind playing tricks on me? It
felt that way!
The conference was a wonderful opportunity to reach out and share our passion about security
with people face to face that you would never otherwise have an opportunity to engage with.
Everyone was speaking the language of security and everyone was asking the same question:
how can we become more effective in dealing with the threats that are emerging and how can
we move to a more strategic approach in dealing with cyber security threats and risks.
www.blueliv.com
10 Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
