Increasing Efficiency of Threat Intelligence Collection via Cyclical Automation
During this session, our speaker, Mike Forgione, will discuss: Threat Intelligence is important for network defense operations. It provides several benefits to companies to reduce the number of tools that are thrown at the network to try to secure it. Automation comes in to help fill in some of the areas where we don’t have enough people to fill. The problem with automation currently is it is linear. TI operates in a cycle instead of a process so it’s much harder to automate. Cyclical automation was created for weather forecasting but can be used in other areas. It introduces several benefits over automation which includes inter-cycle dependency, cross cycle triggers, and reduces the amount of delays caused by linear automation. Cyclical automation can greatly increase efficiency of Threat Intelligence especially when discussing collecting from multiple sources. This is not a call to replace humans but to help reduce the workload so they can focus on areas that are needed.