『Storytelling, Stakeholders, and Communicating CTI to the Board - Interview with Gert-Jan Bruggink (S1E2)』のカバーアート

Storytelling, Stakeholders, and Communicating CTI to the Board - Interview with Gert-Jan Bruggink (S1E2)

Storytelling, Stakeholders, and Communicating CTI to the Board - Interview with Gert-Jan Bruggink (S1E2)

無料で聴く

ポッドキャストの詳細を見る

このコンテンツについて

 In this conversation, Freddy and Gert-Jan delve into the complexities of cybersecurity and cyber threat intelligence (CTI), exploring the importance of decision-making informed by intelligence, the challenges of training and development in the field, and the significance of metrics in demonstrating value. They discuss the evolving role of AI in cybersecurity, the necessity of critical thinking, and the importance of mentorship and community support for aspiring professionals.TakeawaysThe journey into cybersecurity often starts with hands-on experience rather than formal education.Understanding the implicit decision-making processes in CTI is crucial for effective intelligence work.Training and continuous learning are essential in cybersecurity.Metrics should focus on impact rather than just activities to demonstrate value to stakeholders.AI is transforming the landscape of intelligence, but critical thinking remains vital.Source assessment and information evaluation are key components of effective intelligence generation.The importance of storytelling in conveying intelligence to different stakeholders cannot be overstated.Building a community and supporting others in their journey is a fundamental aspect of professional growth.Recognizing influential figures in one's career can provide valuable insights and direction.The future of CTI will require adaptability and a focus on explicit decision-making processes.Resources and references mentionedThe APT 1 report - https://services.google.com/fh/files/misc/mandiant-apt1-report.pdfVenation - https://venation.digital/Gert-Jan speaking at the FIRST conference - https://youtu.be/2pSjbSx8J1Q?t=5202CTI-CMM web site - https://cti-cmm.org/SANS FOR578 - https://www.sans.org/cyber-security-courses/cyber-threat-intelligenceIntelligence ans Structured Analytic Techniques (SATs) training - https://inteltradecraft.com/sat-certificationsArno's LI profile - https://www.linkedin.com/in/reuser/Admiralty Scale SANS Blog post - https://www.sans.org/blog/enhance-your-cyber-threat-intelligence-with-the-admiralty-system/MISP Admiralty Scale - https://www.misp-project.org/taxonomies.html#_admiralty_scaleSANS talk on metrics - https://www.youtube.com/watch?v=-d38C3992aQGert Jan's Metric GitHub - https://github.com/gertjanbruggink/metricsMy SANS talk on measuring success of CTI programs - https://www.youtube.com/watch?v=5agsRg6-L4oChapters00:00 Introduction to Gert-Jan and the CTI Conference02:50 Gert-Jan's Journey in Cybersecurity05:51 The Role of Intelligence in Decision Making08:50 Training and Development in Cyber Threat Intelligence12:06 Consultancy and the Importance of Storytelling14:46 Generating and Consuming Intelligence17:37 The Distinction Between OSINT and OSINF20:49 Prioritization and Decision Making in Intelligence23:54 The Art of Failure and Learning26:55 Navigating the Intelligence Cycle29:53 Responding to Incidents and Public Perception35:38 Critical Thinking in Source Assessment39:48 Understanding Source Reliability43:04 The Role of AI in Intelligence51:31 Metrics and Measuring Impact01:06:02 Advice for Aspiring CTI Professionals01:11:49 Reflecting on Influential FiguresThis conversation is a compressed edit of an interview Freddy has conducted as part of his PhD research. The interview was recorded in April 21st, 2025 during the FIRST CTI Conference in Berlin.
まだレビューはありません