Threat Intelligence in ActionDon Gray of Solutionary on Responding to Today's Threats
As chief security strategist at Solutionary, Gray monitors global security threats. There are four that now concern him most: The evolution of malware; attacks on web applications; distributed-denial-of-service attacks; and the mobile bring-your-own-device trend
How can organizations manage such varied risks - and more? They need greater visibility, Gray says."Organizations are struggling to get the ability to understand when these attacks are occurring or when precursors to an attack are occurring," he says. "And so ... the time that can elapse between when the attack actually occurs and when it's identified - that's one of the things organizations struggle with most."
To gain that greater visibility, Gray says organizations need to leverage actionable threat intelligence, which is a combination of ingredients: an indicator of a threat that's likely to occur to your organization, based on a defined risk to your organization, and grounded in specific information about that threat. "If the threat isn't specific, it's not actionable," Gray says. "Without all those ingredients together, I don't know how you can have actionable intelligence."
In a pre-RSA interview about the concept of actionable threat intelligence, Gray discusses:
- 2013's top emerging threats;
- Why many organizations are ill-prepared for these threats;
- How to leverage actionable threat intelligence.
A veteran of technology applications development since 1991, Gray brings "in-the-trenches" information security experience to his role as Solutionary's chief security strategist. In his role, Gray leads the Security Engineering Research Team (SERT) and is directly involved with researching new threats and overall information security trends. He is co-chair of the Cloud Security Alliance's Top Threat Working Group, leading the development of the CSA's Top Threats Report. Gray is regularly quoted in the media as an information security expert and is a frequent speaker at industry events including Gartner Security Summit, Forrester Security Forum, CSO Breakfast Club series and key channel partner events.
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.