Future of Threat Intelligence

ISG's Jeff Orr on Moving Beyond Perimeter Defense to Dynamic Security



Jeff Orr, Director of Research & IT Technologies at ISG, brings over three decades of technology experience to his discussion with David about transforming enterprise security approaches. On this episode of The Future of Threat Intelligence, Jeff shares his explanation for why traditional security investments focused primarily on protection are leaving organizations vulnerable, with 98% experiencing significant incidents despite increased spending. 

The conversation also explores the critical need to shift from perimeter defense to comprehensive security programs that include detection and recovery, while addressing the challenges of limited budgets and resources. Jeff offers practical insights about aligning security with business objectives, leveraging AI effectively, and building valuable industry peer networks to stay ahead of emerging threats. 

Topics discussed:

  • The evolution from traditional perimeter defense approaches to comprehensive security programs that include detection and recovery capabilities.
  • Research findings that show 98% of organizations experienced significant security incidents despite increased investment in protection.
  • The importance of aligning security goals with business objectives rather than treating security as an isolated technical challenge.
  • Leveraging AI and machine learning as assistive technologies to help address staffing gaps and alert fatigue in security operations.
  • Balancing security investments across protection, detection, and recovery capabilities while operating under constrained budgets.
  • The role of experience and human intuition in security operations, and how AI can complement but not replace seasoned practitioners.
  • Building effective community networks within industries and geographic regions to share threat intelligence and security insights.
  • The importance of breaking down silos between IT and security teams to leverage existing tools and observability capabilities.
  • Developing risk-based approaches to security that align with business risk appetite and operational priorities.
  • Creating effective tabletop exercises that include business stakeholders to better understand and prepare for security incidents.

Key Takeaways:

  • Diversify security investments beyond perimeter protection by allocating specific budget percentages to detection and recovery capabilities.
  • Establish clear metrics linking security initiatives to business outcomes through collaboration with department leaders and stakeholders.
  • Implement automated threat intelligence sharing within your industry vertical to leverage collective insights about emerging attack patterns.
  • Deploy AI-powered security tools strategically to address alert fatigue while maintaining human oversight of critical security decisions.
  • Create cross-functional teams between IT and security to leverage existing observability tools and network monitoring capabilities.
  • Develop comprehensive incident response plans that include business continuity strategies beyond just technical recovery procedures.
  • Institute regular brown bag sessions between security and IT teams to share knowledge about emerging threats and technical capabilities.
  • Build regional security partnerships with peer organizations to share attack intelligence and mitigation strategies.
  • Schedule quarterly tabletop exercises that involve business stakeholders in scenario planning for security incidents.
Future of Threat Intelligence by Team Cymru
