Cybersecurity first principles: Intelligence operations.

Show Notes

This is the seventh show in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.

We are building a strategy wall, brick by brick, for a cyber security infosec program based on first principles. The foundation of that wall is the ultimate and atomic first principle: Reduce the probability of material impact to my organization due to a cyber event. That’s it. Nothing else matters. This simple statement is the pillar, on which we can build an entire infosec program.

This next building block will start the second course of the wall because it directly supports all of the other strategic bricks we have already laid.

This brick is called cyber threat intelligence operations.

Resources:

“Army Doctrine Publication: 2-0 Intelligence,” Headquarters Department of the Army, 31 August 2012, last visited 30 may 2020.
“Corporate Overview, the MITRE Company,” MITRE, last visited 30 may 2020.
“Espionage and Covert Operations: A Global History Course Guidebook,” by Professor Vejas Gabriel Liulevicius, University of Tennessee, Knoxville, The Great Courses, 2011, LAST VISITED 30 MAY 2020.
"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” by Hutchins, Clopper, and Amin, Lockheed Martin Corporation, 2010, Last Visited 5 August 2019.
“Intelligence Operations,” by Christopher F. Gabel, Scholastic, last visited 30 may 2020.
"MITRE ATT&CK: Design and Philosophy,” by Blake E. Strom, Andy Applebaum, Doug P. Miller, Kathryn C. Nickels, Adam G. Pennington, and Cody B. Thomas, MITRE, 2018, Last Visited 30 June 2020.
“MITRE ATT&CK Evaluations,” MITRE, Last Visited 30 June 2020.
“Practical Cyber Intelligence: How action-based intelligence can be an effective response to incidents” by Wilson Bautista, Published March 29th 2018 by Packt Publishing.
“Star Wars - briefing scene HD,” by Balls Tesla, YouTube, 15 December 2016, Last Visited 30 June 2020.
“The Anatomy of Counterintelligence,” by A. C. Wasemiller, Central Intelligence Agency (CIA), 2 JULY 96, Last Visited 30 June 2020.
“The Cyber Threat Alliance,” Last Visited 30 June 2020.
“The Dirty Dozen - Planning the Attack,” by b3nn41dU, YouTube, 15 May 2013, Last Visited 30 June 2020.
“Threat Intelligence: Explained, Examined, & Exposed,” Sergio Caltagirone (Dragos) and Dave Bittner (Cyberwire), 25 October 2019, LAST VISITED 30 MAY 2020.

HOST(S):

Rick Howard is the CSO of N2K and the Chief Analyst, and Senior Fellow at the N2K Cyber, formerly CyberWire. His past lives include CSO at Palo Alto Networks, CISO at TASC, the GM at Verisign/iDefense, the Counterpane SOC Director, and the Commander of the Army's Computer Emergency Response Team (CERT). Rick served 25 years in the Army, taught computer science at West Point, edited two books and just published his own book, "Cybersecurity First Principles: A Reboot of Strategy and Tactics" and he is regularly joined at the N2K Cyber's Hash Table by a collection of industry experts.

Schedule: Mondays (in season)

Credits: Edited by John Petrik and executive produced by Peter Kilpe. Our theme song is by Blue Dot Sessions, remixed by the insanely talented Elliott Peltzman, who also does the show's mixing, sound, and original score

Creator: CyberWire, Inc.