on

Threat Intelligence & RSA

Cyber Defense Magazine has just published the following article of Nahim Fazal, Head of International Business Development at Blueliv.

Threat intelligence at RSARSA 2015 was very much the year of Threat Intelligence. That is the overwhelming sensation one is left with as the dust settles on the RSA conference for this year. Perhaps more than any other expression Threat Intelligence (TI) was the one that everyone seems to have adopted and made their own this year. I was trying to count the number of times I saw that phrase as I walked down the exhibition halls and I gave up after 3 minutes. I think by that that time I had seen the phrase at least on 15 booths.  I was surprised that even traditional SIEM vendors had adopted this term in an attempt to define their own solutions. But what this perhaps reflects is that end users have an increasing urgency and need for TI. Listening to the many people that came to speak to Blueliv it was clear there is a need for TI but end users are not quite sure how to deploy and use TI. I was also struck by the fact that the words APT seemed to have faded somewhat into the background noise of the conference. This was the buzzword of last year and this year there seems to have been a significant shift towards trying to grapple with and understand how best to deploy and use TI.

Integration was the second theme that struck me coming to the foreground this year. There were many people that spoke to me about their frustration as to how the tools that are supposed to identify security compromises more often than not fail to do so.  What could be done to try and improve existing security real estate that has already been deployed? There is no appetite to rip out expensively installed hardware, what there was however was a desire to feed threat intelligence into these devices to make them smarter. So what I heard from the many that visited the Blueliv booth was can TI be integrated with what I have already deployed? From the Blueliv perspective the answer was a resounding “yes it can”.

Finally, from a personal perspective, what for me was the most enjoyable part of the conference was the diverse range of organizations that were present there. I think I just about spoke to everyone from all of the continents around the world! Or is that my mind playing tricks on me? It felt that way! The conference was a wonderful opportunity to reach out and share our passion about security with people face to face that you would never otherwise have an opportunity to engage with. Everyone was speaking the language of security and everyone was asking the same question: how can we become more effective in dealing with the threats that are emerging and how can we move to a more strategic approach in dealing with cyber security threats and risks.

Download it here!

Nahim Fazal, 

Head of International Business Development at Blueliv

Demo Free Trial MSSP
Program