Threat Intelligence Case Study: A SIEM of SIEMs
Threat Intelligence APAC Session Spotlight
When industry comes together with government through a true business case, a rising cyber security tide can indeed lift all boats. States across Australia are creating SOCs through integration with industry. Each organization is feeding actionable SIEM information through to those central SOCs so that they can then benefit from "SIEM of SIEM" integrated information.
The Federal government is also stepping up its cyber security focus. New amendments have been proposed to the Critical Infrastructure Act, adding industries that are being defined as critical infrastructure and asking for minimum security obligations for those industries. They term these “systems of national significance.”
Horizon Power CISO Jeff Campbell provides his point of view on what has been established in Western Australia, how the effort is being woven through the greater country, lessons learned along the way and what steps should be taken next.
- Simultaneously engaging industry, public entities and government for a collective benefit
- Getting the organizational threat intelligence house in order and sharing only actionable information
- Bridging the industry together with public entities and government for collective intelligence
- Gaining better organizational cyber security through receiving that holistic intelligence
- Understanding lessons learned from the two-year engagement
- Realizing next steps from here
Jeff notes that this all adds up to real-time, actionable information. It allows a greater focus on incident response: mean time to resolve, mean time to detect. “If threat intel helps us to shorten that mean time to detect, all the better.”