Track 1
4 Feb 2022 11:30 AM - 12:00PM

In the CTI space, there’s a steady drumbeat repeating a mantra: security teams cannot successfully and sustainably operate in an intelligence silo. This feeds continuous discourse around how developing cross-boundary collaborations in intelligence sharing, standardization, and reporting are key to proactive defense, collective resilience, coordinated response, and effective remediation during an active attack. Of course!

Yet, the enormity - and complexity - of it all feels insurmountable when considering how CTI professionals can most effectively network and share intelligence *today*. So what’s really going on at the individual level?

This presentation shines a light on the human aspect of today’s CTI sharing practices via networks - both formal and informal, public and private. The session lays out the landscape of popular channels for CTI networking following peer-to-peer, peer-to-hub, and hybrid models; previous research and ongoing efforts to enhance CTI sharing by public-private groups; and well-known blockers (hello, legal approvals!) to effective networking. Survey insights add depth to this foundation by benchmarking real practitioner behaviors and attitudes. We seek answers like: how do good old-fashioned 1-to-1 ‘DMs’ compare to invite-only Discords, paid industry memberships, or national sharing initiatives? What real-world networking experiences actually prevented an attack?

Grace Chi
Cofounder & COO at Pulsedive
@euphoricfall

Grace works closely with defensive security and CTI practitioners all over the world, ranging from local consulting teams to enterprise operations. As a result, she has unique insights into the requirements and diverse traits of CTI success for individuals, teams, and organizations. On the weekend, she’s a hyper-serious cooperative board gamer and watercolorist.