Marc Solomon, CMO of ThreatQuotient, and I had a chance to get together and talk SOAPA recently. In part 1 of our video, Marc gives a brief description of what ThreatQ does and then we proceed to chat about:
- What’s the deal with cyber threat intelligence (CTI)? For every SOC manager who tells me that threat intelligence is the foundation of security operations, another says that his or her organization struggles to operationalize threat intelligence. What’s going on here? Marc believes the term “threat intelligence” is somewhat poisoned and meaningless today. The real key is to collect, process, analyze, and act upon the CTI that aligns with your organization’s infrastructure, industry, location, etc., and then integrate it into every aspect of security ops.
- Use cases for ThreatQuotient. ThreatQ is lumped into a bucket called threat intelligence platforms (TIPs), but I know the product can do more than just weed through threat feeds. Marc says that 70% of customers use ThreatQ for other use cases like alert triage, incident response, phishing investigations, etc. ThreatQuotient is kind of a Swiss Army knife for SOAPA.
- Alert fatigue. I mention to Marc that ESG data points to an overwhelming volume of alerts and ask if this is consistent with what he is seeing. Marc agrees but reminds the audience that security is a big data problem. Therefore, it’s about normalizing and contextualizing the data to make it useful. By doing so, you can improve fidelity, accelerate processes, enhance collaboration, and see real ROI on security investments.
- SOC modernization. This term has become yet another piece of industry hyperbole, so I asked Marc what he thinks. To Marc, it all starts with the data, but the data tends to be siloed and in different formats today. Thus, SOC modernization starts with data normalization, integrated defenses, and a focus on enabling the SOC staff. Marc also emphasized the need for more process automation, process maturity, and improved collaboration processes and tools.
Marc’s an old hand at security, so it was great to kibitz with him about SOAPA. More soon in part 2 of our video.