Hi [[ session.user.profile.firstName ]]

LookingGlass Cyber Solutions

  • Date
  • Rating
  • Views
  • Success Factors in Threat Intelligence: Part 3 - Key Elements
    Success Factors in Threat Intelligence: Part 3 - Key Elements Allan Thomson, Chief Technical Officer Recorded: Jul 19 2017 49 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    What do we mean by “business technical approach’ to Threat Intelligence?

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.

    With Part 2, we introduced the overall vision of a successful TI Program. In this webinar, we dig into the key elements of the TI program with concrete examples, and key components of the program that must exist including the right team, process, tools, metrics and connections.
  • Success Factors in Threat Intelligence: Part 2 - Starting a Program
    Success Factors in Threat Intelligence: Part 2 - Starting a Program Allan Thomson, Chief Technical Officer Recorded: Jun 29 2017 46 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    What do we mean by “business technical approach’ to Threat Intelligence?

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.

    In Part 1 of the CSO Series we introduced the key business and technical requirements of TI programs. In Part 2 webinar we will examine some important definitions to consider in TI and how to start building the program based on the requirements identified in Part 1 of the series. We will introduce to the audience the overall vision of the TI program execution, doing gap analysis on existing security programs and identifying where the TI program can complement and enhance existing investments.
  • Success Factors in Threat Intelligence: Part 1 - Business Requirements
    Success Factors in Threat Intelligence: Part 1 - Business Requirements Allan Thomson, Chief Technical Officer Recorded: Jun 8 2017 46 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations.

    In Part 1 we will examine what drives CISOs and organizations to consider adoption of a threat intelligence practice. CISO’s are focused on Risk reduction to their organizations but may not have a fully defined set of requirements on who, how, where Threat Intelligence can assist in that high-level goal. They may require a solid business case to justify the investment and have a supporting set of well-defined business and technical requirements. Some key questions help formulate the executive’s plan.
    -What are the costs of solving these requirements?
    -How can my organization’s revenue be protected while investing in TI?
    -What is the right balance of both tactical and strategic Threat Intelligence-driven responses?
    -Where can existing investments be leveraged?
  • Bigger Isn't Always Better: Assessing Cyber Risk to Reduce Your Attack Surface
    Bigger Isn't Always Better: Assessing Cyber Risk to Reduce Your Attack Surface Eric Olson, VP of Intelligence Operations, and James Carnall, VP Cyber Security Center Recorded: May 10 2017 52 mins
    Ransomware, spear phishing and third party breaches have become a huge problem as organizations become more connected online and expand their cyber footprint. When even the largest and most
    sophisticated global organizations, government agencies, and multinational banks are routinely penetrated and taken offline by cyber criminals, how can a concerned enterprise quickly and cost-effectively evaluate their own risk?

    During this webinar, Vice President of Intelligence Operations, Eric Olson, and VP of Cyber Security Center, James Carnall, will discuss how organizations can evaluate their internal and third party cyber risk to:

    · Minimize your attack surface for increased visibility
    · Make smarter and more cost-effective investments in your security posture
    · Proactively look for potential leaks, theft of sensitive data or other holes in your security posture
  • Assessing Targeted Attacks in Incident Response Threat Correlation
    Assessing Targeted Attacks in Incident Response Threat Correlation Allan Thomson, CTO, and Jamison Day, Principal Data Science Engineer Recorded: Apr 12 2017 52 mins
    The current number of active cyber threats is astounding. Do you know which threats are targeting you right now and which threats are likely to cause greatest harm to your company?

    This session examines how correlating network flow data with cyber threat information during incident response provides knowledge of not only what threats are active or targeting you, but which of your assets are being targeted before or during an incident. We examine the many data types used in commonly-shared indicators of compromise and explore which provide for automating correlation with network flow data. The pros and cons of common correlation algorithms are discussed with a focus towards their contributions and limitations to enhancing threat intelligence efforts. Proper network flow correlation should provide a foundation for performing risk-based mitigation that identifies the threats that are creating the greatest loss of value for your organization rather than chasing down the threats deemed most harmful by the industry.
  • How Are You Managing Cyber Risk From Your Third-Party Relationships?
    How Are You Managing Cyber Risk From Your Third-Party Relationships? Ryan Curran, Senior Sales Engineer Recorded: Mar 30 2017 42 mins
    Outsourcing and strategic partnerships have become a staple in today's business climate, enabling organizations to drive business value and stay ahead of the competition. However, moving company information outside of its own defense perimeter opens an organization up to a myriad of cybersecurity vulnerabilities. Organizations need to have the tools and resources to determine the risk from 3rd party relationships and manage that risk in a timely and consistent manner.

    In this webinar, Senior Sales Engineer Ryan Curran will help you learn how to:
    ~ Identify and monitor threats targeting your extended ecosystem
    ~ Use a threat intelligence platform for third-party risk management workflows
    ~ Leverage Threat Indicator Confidence Scoring and pre-packaged threat intelligence to start monitoring 3rd parties within minutes
  • Threat Intelligence Gateway: An Unconventional Weapon for An Unconventional War
    Threat Intelligence Gateway: An Unconventional Weapon for An Unconventional War Kinshuk Pahare, Director of Product Development, LookingGlass Recorded: Feb 28 2017 37 mins
    The cyber threat landscape is constantly evolving and conventional security products (Firewalls, IPS/IDS and web proxies) are unable to address emerging threats in a fast and efficient manner. LookingGlass’ newest threat mitigation appliance, the ScoutShield Threat Intelligence Gateway, provides a zero-touch solution to automate the threat response.

    Join our Director of Product Management, Kinshuk Pahare as he discusses the:
    1. Challenges with conventional security appliances and the need for a Threat Intelligence Gateway.
    2. Importance of having high quality threat intelligence.
    3. Must-have characteristics of a Threat Intelligence Gateway appliance.
  • Building a Threat Intelligence Program
    Building a Threat Intelligence Program Mike Rothman and AJ Shipley Recorded: Nov 17 2016 61 mins
    Security teams continually look for better ways to collect, analyze, and apply threat intelligence. Join our webcast with industry experts Mike Rothman and A.J. Shipley in their lively discussion of building, optimizing, and getting more value from your threat intelligence program. They’ll explore:

    •Evaluating data quality
    •Understanding threat context, relevance and priority
    •Key use cases around threat prevention, detection, and remediation
    •Best practices and advanced tools & technologies.
  • Phishing Prevention: Be Suspicious and Don't Get Hooked
    Phishing Prevention: Be Suspicious and Don't Get Hooked James Carnall and Greg Ogorek Recorded: Nov 3 2016 56 mins
    Although it’s been around for years, phishing is still one of the most common and effective online scams – and it just continues to grow. In Q1 2016 alone, phishing attacks grew approximately 250 percent. There were more phishing attacks during that three-month span than any other since 2004.

    Phishing scams are increasingly difficult to detect. Using information freely available on the internet about you or your organization, cyber criminals carefully craft a message that contains real information that you are inclined to trust. It can come to you in many ways including emails, SMS messages, phone calls, or impersonating websites. Often, there is a sense of urgency that’s paired with a message that makes you react with your emotions instead of thinking. So, how do you protect yourself and your organization from phishing scams?

    Join LookingGlass cyber security experts James Carnall and Greg Ogorek as they explore the world of phishing scams and phishing protection solutions. To set the context, the diverse types of phishing scams will be outlined along with very realistic examples that make these lures come to life. Next, we will investigate the growing risks by highlighting the changing cyber threat landscape specifically attributed to phishing. We will wrap up by discussing a wide range of phishing protection solutions.
  • Operationalizing Threat Intelligence: ESG Analyst Research, Insights, Use Cases
    Operationalizing Threat Intelligence: ESG Analyst Research, Insights, Use Cases LookingGlass Cyber Solutions Recorded: Aug 17 2016 50 mins
    Join us to learn about recent analyst research and real-world use cases to help you better Operationalize Threat Intelligence.

    Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group (ESG), will set the stage with research results on the state of the threat intelligence market.

    Jon and A.J. Shipley, VP of Products at LookingGlass Cyber Solutions, will then dive into a lively discussion on the role of threat intelligence in incident response, securing the perimeter, supply chain management, and compromised credentials.

    Key use cases will include closing the gap in DNS, leveraging APIs for SIEM, addressing protocol-specific infrastructures, and much more.

    Sign up today to ensure you receive all the valuable insights, strategies, best practices and key use cases on operationalizing threat intelligence to help improve your organization’s cybersecurity posture and lower risk.

Embed in website or blog