Episode 147: Actualizing Threat Intel for Effective Defense

 

 

In episode 147 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen, Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security® (CIS®); and Kaitlin Drape, Hybrid Threat Intelligence Analyst at CIS. Together, they discuss how to actualize threat intel for the purpose of building effective defense programs and operational response plans.

Here are some highlights from our episode:

  • 01:27. Which two questions you want to answer when providing intelligence on a threat
  • 05:19. How to avoid underutilizing or misunderstanding the utility of threat intel
  • 13.18. A real-life story from John of when intelligence made a difference in a security incident
  • 17:05. The foundation and building blocks of maturing your threat intelligence program
  • 22:14. The value of working with non-intelligence groups to formulate effective response plans
  • 24:22. CIS's ongoing work to help organizations proactively ingest and use threat intel
  • 28:24. How cross-collaboration across an organization brings threat intel into a lifecycle
  • 31:01. Kaitlin's work as an exemplar of how to make threat intelligence operational
  • 36:20. The ongoing evolution of hybrid threat intel to inform meaningful operational responses

Resources

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.