Which threats matter most to my organization? A common question from security leadership, but usually not an easy (or quick) one to answer. This session provides practical guidance that empowers teams of virtually any size & maturity level to quickly start building, fine tune, and take action around a tailored cyber threat profile, enabling them to surface and prioritize the adversaries & techniques most relevant to their organization.
Cyber threat profiling is a powerful capability that gives teams greater focus and confidence to proactively address threats, but its adoption has been limited by misconceptions and lack of repeatable guidance on how to practically build profiles. We will walk through best practices for setting up a profile, using publicly-accessible resources to populate it quickly, and key factors that are commonly considered when fine-tuning a profile. Importantly, we will also demonstrate what can be done after a profile is built (identify defensive gaps & prioritize them for remediation), and tips for maintaining and updating your profile over time.