Building Capable Threat Intelligence Programs | Intel471 Skip to content

Building Capable Threat Intelligence Programs

Homepage Hero

Starting a cyber threat intelligence program (CTI) prompts many questions: What intelligence is most useful? Where are the data sources? How can you satisfy stakeholders? And ultimately, how you demonstrate that a CTI program prevented security incidents? John Fokker, head of threat intelligence at Trellix, says that it is possible to build effective CTI programs with smaller teams but stakeholder buy-in is important. In this episode of Studio 471, we also discuss the Cyber Threat Intelligence Capability Maturity Model (CTI CMM), a framework under development by CTI experts. The framework, due to be released later this year, aims to guide organizations to building more capable and mature CTI programs.

John Fokker, Head of Threat Intelligence, Trellix
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471