Collective Intelligence Podcast, Kris Mansson of Silobreaker
When the enterprise considers what threat intelligence is all about, it thinks in terms of technical, structured information: indicators of compromise, IP addresses, domains, hashes, and more. The journey to structure, however, begins with unstructured data, often vacuumed up from a quite sizable number of open and Deep & Dark Web sources.
In this episode of the Collective Intelligence Podcast, Kris Mansson, chief executive officer of technology company Silobreaker, explains how organizations are struggling with unmanageable volumes of security data, and their desire for context around that data in order to make better decisions about threats to their networks, resources, or people.
Even with threat intelligence platforms or security information and event management systems, organizations can still be overwhelmed by security alerts and data culled from dozens and dozens of sources. As Mansson said, “Now it’s a prioritization game.”
Technology and analysis that brings some measure of context to an avalanche of data and threat information enables organizations to understand the motivations behind what threat actors are up to, and what they’re up to on the open and dark webs. What vulnerabilities are attackers discussing? What code are they sharing? What exploits are for sale? Combine those insights with geopolitical activity, financial, or social machinations, and structured data begins to have context, and a road to finished threat intelligence materializes.
“We are trying to do the heavy lifting in terms of processing data and freeing up time for analysts to make decisions on top of it,” Mansson said. “Access to data is a given. It’s what you do with it that makes a difference.”
Mansson and Flashpoint Editorial Director Mike Mimoso also discuss the use cases for this approach to bringing structure to data and the journey to threat intelligence, as well as how cyber threat intelligence teams inside organizations are absorbing more responsibilities and expanding out to physical security, fraud, and other realms outside of cyber.
The Collective Intelligence Podcast, presented by Flashpoint and hosted by Editorial Director Mike Mimoso, features regular interviews with a diverse set of industry experts and Flashpoint analysts on the latest information security news and industry trends.
Michael Mimoso brings over a decade of experience in IT security news reporting to Flashpoint. As Editorial Director, he collaborates with marketing, analyst, and leadership teams to share the company’s story. Prior to Flashpoint, Mike was as an Editor of Threatpost, where he covered security issues and cybercrime affecting businesses and end-users.
Prior to joining Threatpost, Mike was Editorial Director of the Security Media Group at TechTarget and Editor of Information Security magazine where he won several ASBPE national and regional writing awards. In addition, Information Security was a two-time finalist for national magazine of the year. He has been writing for business-to-business IT publications for 11 years, with a primary focus on information security.
Earlier in his career, Mike was an editor and reporter at several Boston-area newspapers. He holds a bachelor’s degree from Stonehill College in North Easton, Massachusetts.