Using Cyber Threat Intelligence to defend against advanced cyber threats: The Theories and Practice

The Hague | Hague Security Delta • 29 Sep 2017

As the complexity and number of Cyber Attacks continue to rise, companies and governments set-up Cyber Threat Intelligence practices to understand their threat reality and invest in their defenses. The WannaCry pandemic is an example of the most recent, visible, developments in the evolution of advanced cyber threats. TNO, together with EclecticIQ and RedSocks, share their knowledge and expertise, based on research and international practice.
Cyber Threat Intel Lab


Talk 1: Cyber Threat Intelligence – Innovating Towards a Mature CTI Capability
By Richard Kerkdijk, Senior Security Consultant at TNO
Over the past years, the landscape of cyber threats has greatly evolved. To keep up with the sophisticated methods of cyber adversaries, many organizations are developing Cyber Threat Intelligence (CTI) capabilities. In essence, such capabilities serve to anticipate (existing or emerging) cyber threats (rather than awaiting an incident). This presentation will introduce the concept of CTI, the position of CTI operations in an organizational context and the typical (im)maturity of present day CTI practices. It will also address the need for automation in CTI operations and provide some perspective on present day automation solutions. The presentation will conclude by sharing some practical experiences in CTI sharing and collaboration.

Talk 2: Cyber Threat Intelligence in practice: insights from a community-driven approach
By Maxime Boegem, Production Manager EclecticIQ Fusion Center at EclecticIQ
Recent global attacks such as Wannacry and Petya show the need for incorporating cyber threat intelligence into an organization’s security operation. Attacks are continuously becoming more complex, whereas solutions can often be provided efficiently by a community-driven approach. Technologies such as threat intelligent platforms are maturing quickly, however ‘trust’ continues to be a challenging factor within intelligence communities. How can we evolve communities to a level where everyone can easily contribute?

Talk 3: I Stopped Being Surprised, and Started Being Prepared
By Reza Rafati, Malware Intelligence Team Coordinator at RedSocks Security
Threat Intelligence should provide insights on what is happening in a monitored environment, so the time of being surprised is long gone, the information age is now, and the use of threat intelligence is a must if you want to stay in control of your environment.

For whom

This half day event is for cyber security professionals (CISOs, CIOs, IT security staff) working at medium-to-large companies and governments that want to familiarize their selves with Cyber Threat Intelligence theories and practices. It does not require a strong technical background.

Register now

For more information about the program, speakers and eventregistration, go to ...

Our work

European Cyber Security Perspectives

At the end of each year, TNO and three of its key partners in cyber security jointly produce the European Cyber Security Perspectives report. Through this collection of articles, we aim to share our different... Read more

TNO and financial service providers launch ‘Innovating in cyber security’ magazine

15 May 2017
On Tuesday 16 May, TNO publishes the first edition of a new magazine entitled ‘Innovating in Cyber ​​Security’, in partnership with ING, ABN AMRO, Rabobank and Achmea. The magazine presents the tangible... Read more

TNO together with NCSC-NL launches the guide ‘Dealing securely with the Internet of Things’

17 May 2017
On 17 May, at the International One Conference, TNO launches in cooperation with the National Cyber Security Centre (NCSC-NL) the guide ‘Dealing Securely with the Internet of Things’. This guide gives... Read more

Richard Kerkdijk MSc

  • security
  • information security
  • cyber security
  • security monitoring
  • incident response


Stay up to date with our latest news, activities and vacancies

TNO.nl collects and processes data in accordance with the applicable privacy regulations for an optimal user experience and marketing practices.
This data can easily be removed from your temporary profile page at any time.
You can also view our privacy statement or cookie statement.