Educause Security Discussion mailing list archives
Re: Threat Intel
From: "McCrary, Barbara" <bmccrary () OSRHE EDU>
Date: Fri, 16 Sep 2016 14:41:59 +0000
Thank you Aaron for sharing your slide deck. Much appreciated. [cid:image003.jpg@01D14954.D4A097F0] Barbara McCrary Chief Information Security Officer MCSE, MCSE:Security, +Messaging, CompTia:Security+ bmccrary () osrhe edu<mailto:bmccrary () osrhe edu> Protecting data is a shared responsibility! INSTALL antivirus and antispyware software. USE strong passwords. KNOW who you are dealing with online. STORE confidential and sensitive data on encrypted devices only. SHUT DOWN home computers or disconnect from the Internet when not in use. Oklahoma State Regents for Higher Education 655 Research Parkway Suite 200 Oklahoma City, OK 73104 405 225.9316 office 405 234.4321 cell 405 234.4588 fax Note: This communication and attachments, if any, are intended solely for the use of the addressee hereof. In addition, this information and attachments, if any, may contain information that is confidential, privileged and exempt from disclosure under applicable law, including, but not limited to, the Privacy Act of 1974. If you are not the intended recipient of this information, you are prohibited from reading, disclosing, reproducing, distributing, disseminating, or otherwise using this information. If you have received this message in error, please promptly notify the sender and immediately, delete this communication from your system. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Baillio, Aaron Sent: Friday, September 16, 2016 8:44 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Threat Intel Earlier this week I attended a conference hosted by Anomali. The conference was called Anomali Detect and was the first they've hosted. The purpose of the conference was centered solely on IT threat intel and how to use it more effectively. Anomali is a vendor that aggregates threat intel and facilitates the organization and sharing of that information as well as other integrations. There were a number of other vendors there as well. I spoke during one of the breakout sessions and told the story of security in Higher Ed and how we use threat intel here at the University of Oklahoma. I wanted to share my slide deck in case it may help inform or help you direct your own intel efforts. We aren't by any means mature in how we are handling threat intel and have room to grow, but we've been using the Anomali product for several years as well as the individual feeds each product provides. Let me know if you have any questions! B. Aaron Baillio, Sec+, CEH, CISSP University of Oklahoma, Information Technology Managing Director, Security Operations and Architecture O: 405-325-7948 C: 254-400-6404
Current thread:
- Threat Intel Baillio, Aaron (Sep 16)
- Re: Threat Intel McCrary, Barbara (Sep 16)