On 7 December 2022, ENISA CTI-EU 2022 took place in Brussels. I had the pleasure to present about putting how CTI teams can put their CTI process in motion. The problem statement was how CTI teams track the work they do and manage the CTI knowledge they produce. I elaborated on the value of workflow and case management for CTI teams and some basic ingredients for success.
The conference was a great success and ENISA people did a great job bringing together experts, researchers, practitioners, and academics to discuss about Cyber Threat Intelligence, especially within a European context. I enjoyed the format of the conference; every presentation should be 10 mins and another 5 mins for questions (I also learned that it is quite challenging to convey your key message within 10 minutes, definitely harder than initially thought). Some highlights:
- Valentino de Sousa (Accenture) presented on “CTI in practice: The C-suite Use Case”. This was my favorite presentation of the conference! Valentino provided some helpful insights and his framework on how to brief the C-Suite. Immediately helpful :)
- Anastasios Pingios (Booking.com) presented on the “Threat Landscape and Defences Against Mobile Surveillance Implants”. This topic is SO HOT RIGHT NOW with European Union and Anastasios did a great job presenting the state-of-the-art in this area.
- Loraine de la Fe (Microsoft) presented on “De-MStifying Threat Intelligence: MSTIC and DTAC Analysis at Microsoft”. It was a great presentation that provided context over Microsoft CTI work and especially the work MSTIC and DTAC teams do.
- Alexandre Dulaunoy (CIRCL) presented on “10 years of MISP – what’s next in threat intelligence information sharing?”. I think this presentation was a little bit emotional since MISP has gone through massive evolution during the past 10 years! I would love to see this presentation somewhere as a keynote (lengthier and a little bit wider in scope).
- Anna Chung (Palo Alto) presented on the “Hourglass Model”. Very interesting presentation and approach about the underground forums of cybercriminals. The Hourglass Model that Anna presented is helpful and indicative of her expertise in this area.
The slides of the conference’s presentations will be made available by ENISA. My presentation’s slides can be seen below:
An additional challenge was to make a presentation mostly with memes and I hope you enjoy the final result. As always, any feedback is always more than welcome :)