Treating Threat Intelligence as a ProgramOcwen Financial's CISO, Venkatesh Subramaniam, Offers Strategic Insights
Threat intelligence needs to be treated as a program, and not a technical point-in-time solution, says Venkatesh Subramaniam, global CISO at U.S.-based Ocwen Financial Corp., a mortgage loan servicing company
See Also: Threat Intelligence - Hype or Hope?
In a video interview conducted at Information Security Media Group's Fraud & Breach Prevention Summit Mumbai, Subramaniam stresses that threat intelligence needs to be operationalized in the context of business risk and not in a generic manner.
"If you approach TI as a program, not only can it be of tactical value to your defense, it can be of strategic value to your senior management if the end goal is risk reduction," he says. "So why not take a top-down approach and marry the two instead of just looking at the technical side of things? I think that's where people are losing out." (See: Beyond Feeds: Put Threat Intel to Work)
When you approach TI as a program, there are prerequisites that need to be fulfilled, he points out.
"You need to ensure that the first stage of your security program is aligned to your business, before you even start looking at ingesting external threat intelligence feeds," Subramaniam says. "You need to look at whether you have the fundamental security hygiene in place, followed by the next step, which is leveraging your SIEM investments properly, and start ingesting internal information from a context perspective. It's only post this that threat intelligence would be effective to an organization and could be made actionable from a threat hunting perspective."
In this exclusive video interview with ISMG, Subramaniam also covers:
- The reason most organizations fail to effectively leverage threat intelligence;
- The prerequisites to actionable threat intelligence;
- The future of analytics, threat intelligence and SIEMs.
Subramaniam has more than 23 years of experience in the information security domain and has worked in diverse areas of security in several business sectors, including finance and telecom, and at Fortune 50 companies globally. He is currently the global CISO at Ocwen Financial Corp., where he is responsible for oversight of the security program and heads the business continuity office. Prior to this, he was the CISO for Idea Cellular and its subsidiaries.