Texas Cyber Summit II

Talk Details:

In this talk I'll discuss how DHS is leveraging classified threat intelligence to monitor, track, and hunt foreign intelligence activity in US Based Critical Infrastructure. We'll also discuss how you can use the same techniques to label threat intelligence and begin to perform predictive analytics based on aggregated threat intelligence and historical metrics.

We'll cover:

• Organizing threat intelligence into meaningful and useful data
• Ingesting historical metrics into structured databases to provide calculable metrics
• Processing databases through supervised learning data science algorithms to uncover patterns
• Analyze uncovered patterns to develop cautionary predictions around industry based attack patterns
• How to pair observed threat activity with MITRE ATT&CK TTPs to research potential attribution

This presentation is born out of the DHS ECS (Enhanced Cybersecurity Services) program that is designed to quickly bring actionable classified threat intelligence to all US Based Critical Infrastructure.

Details about the DHS ECS program can be found here.