Earlier this month, CTA was all-hands on deck for the virtual Virus Bulletin conference, aka. ‘vblocalhost,’ where we coordinated and sponsored the Threat Intelligence Practitioners’ Summit (TIPS). TIPS spanned a range of perspectives from different corners of the world and highlighted distinct approaches to threat intelligence.
If you missed the event or haven’t yet had a chance to check it out, don’t worry! TIPS is still available free and on-demand at this link.
We were delighted to welcome Sophos CTO Joe Levy to kick off the summit. Joe gave a fascinating keynote on the challenges of threat intelligence sharing framed using game theory, an approach that models strategic interactions between rational decision-makers.
Joe Levy, CTO, Sophos. The Sophos 2021 Threat Report is based on insights from the work of SophosLabs on malware and spam analysis, and by the Sophos Rapid Response, Cloud Security, and Data Science teams. The 36-page report is comprised of four sections. Sep 03 2020 By Joe Levy It has been less than 11 months since the launch of Sophos Managed Threat Response, our 24/7 human-led threat hunting, detection, and response service. The service’s rapid growth and success is proof that the strategy we have chosen has struck a chord with customers around the world. SOPHOS EVOLVE: Latam - Featuring a host of respected industry experts you’ll get insights on what's changing and practical advice how to adapt and stay safe. If you’re an existing Sophos customer or partner you’ll learn about the latest innovations, and if you’re new to Sophos you’ll get the chance to discover why Sophos is a leader in cybersecurity. Sophos chief technology officer (CTO) Joe Levy said it had been looking for a while at arming partners with a service that could respond to a customer’s needs.
“The dynamics of threat sharing have much in common with core ideas in game theoretic analysis of cooperation under competition. We can change these dynamics by understanding sharing as a game and finding leverage points that lead to more and better sharing.” — Joe Levy, Sophos
Our concluding keynote from Noortje Henrichs of the Dutch National Cyber Security Center (NCSC) offered a great window onto the work of governments in the threat intelligence space. She described not only the obstacles that NCSC faces in operationalizing and distributing actionable threat intelligence with limited resources and to diverse recipients, but also how NCSC has worked to overcome those obstacles.
Joe Levy Sophos Client
“CERTs need to be able to provide threat intelligence across all levels – technical, tactical, operational, strategic – so we have people with different kinds of expertise who work together to meet this need.” — Noortje Henrichs, Dutch NCSC
Also on the menu at the TIPS track?
Of course, virtual conferences abound in 2020. Staying focused on our field and driving turnout through social media, our website, and a virtual CTA booth allowed us to get the message out about threat intelligence (and sharing) to a larger crowd than we would have reached in-person.
We are extremely grateful to both our individual speakers and panel discussion participants for all of the time and energy that they put into the event. Similarly, we are grateful to the organizers, Virus Bulletin, for their hard work and perseverance through the uncertainty of these past few months.
Sophos Managed Threat Response
CTAintelligence sharingthreat intelligenceVirus Bulletin