Threat Intel Directors

Threat Intel

A core focus of the ACSC since its founding. The ACSC’s work in this space has evolved over time and in response to the development of the commercial threat intel market. Having a Threat-focused security program is essential to applying resources to the right spot. 

Threat Intel Directors Network

A director-level network plays a major role in the 2022 ACSC programming. The network’s focus and output addresses organizations with fewer resources, and those with greater capacity. Some key focuses: 

  1. Effective practices for building, managing, and communicating threat intelligence
  2. Effective balance of internal and external resources; use of vendors and the marketplace
  3. Sharing means of tracking and reporting threat intelligence metrics
  4. Discussing timely topics, like geopolitical intelligence, or large scale incident response support

Three Challenge Topics:

  1. Internal Management & Continuous Impact: e.g., five steps for building a Threat Intel Program, models for weekly CISO briefings 
  2. Advanced Techniques and Models: e.g., applying MITRE ATT&CK to drive Threat  Hunt, effective dashboards, identifying data sources and innovative AI solutions
  3. Tooling/Vendors - Threat Intel Sources, 3rd Party Risk, Automation: e.g., 3rd Party Security and Risk Management, peer sharing of Threat Intel vendor deployments 

The Network is led by:

  • Lauren Jones, MassMutual - co-chair
  • Stephen Ernharth, Liberty Mutual - co-chair
  • Jonathan Brown, Dell
  • Jeremy Harchelroad, State Street
  • Brendan Picket, State Street
  • Rob McComber, Schneider Electric
  • Andrey Spiwak, John Hancock
  • Steve Castellarin, MIT Lincoln Lab