Using Cyber Threat Intelligence to defend against advanced cyber threats: The Theories and Practice

The Hague | Hague Security Delta • 29 Sep 2017

As the complexity and number of Cyber Attacks continue to rise, companies and governments set-up Cyber Threat Intelligence practices to understand their threat reality and invest in their defenses. The WannaCry pandemic is an example of the most recent, visible, developments in the evolution of advanced cyber threats. TNO, together with EclecticIQ and RedSocks, share their knowledge and expertise, based on research and international practice.
Cyber Threat Intel Lab


Talk 1: Cyber Threat Intelligence – Innovating Towards a Mature CTI Capability
By Richard Kerkdijk, Senior Security Consultant at TNO
Over the past years, the landscape of cyber threats has greatly evolved. To keep up with the sophisticated methods of cyber adversaries, many organizations are developing Cyber Threat Intelligence (CTI) capabilities. In essence, such capabilities serve to anticipate (existing or emerging) cyber threats (rather than awaiting an incident). This presentation will introduce the concept of CTI, the position of CTI operations in an organizational context and the typical (im)maturity of present day CTI practices. It will also address the need for automation in CTI operations and provide some perspective on present day automation solutions. The presentation will conclude by sharing some practical experiences in CTI sharing and collaboration.

Talk 2: Cyber Threat Intelligence in practice: insights from a community-driven approach
By Maxime Boegem, Production Manager EclecticIQ Fusion Center at EclecticIQ
Recent global attacks such as Wannacry and Petya show the need for incorporating cyber threat intelligence into an organization’s security operation. Attacks are continuously becoming more complex, whereas solutions can often be provided efficiently by a community-driven approach. Technologies such as threat intelligent platforms are maturing quickly, however ‘trust’ continues to be a challenging factor within intelligence communities. How can we evolve communities to a level where everyone can easily contribute?

Talk 3: I Stopped Being Surprised, and Started Being Prepared
By Reza Rafati, Malware Intelligence Team Coordinator at RedSocks Security
Threat Intelligence should provide insights on what is happening in a monitored environment, so the time of being surprised is long gone, the information age is now, and the use of threat intelligence is a must if you want to stay in control of your environment.

For whom

This half day event is for cyber security professionals (CISOs, CIOs, IT security staff) working at medium-to-large companies and governments that want to familiarize their selves with Cyber Threat Intelligence theories and practices. It does not require a strong technical background.

Register now

For more information about the program, speakers and eventregistration, go to ...


Location The hague - HSD Campus

Wilhelmina van Pruisenweg 104
NL-2595 AN The Hague

Our work

Cyber Security Lab

The technical facilities in the Cyber Security Lab are made available to promising cyber security innovation projects. In the Cyber Security Lab we take up current challenges in cyber security using a... Read more
Our work

European Cyber Security Perspectives

At the end of each year, TNO and three of its key partners in cyber security jointly produce the European Cyber Security Perspectives report. Through this collection of articles, we aim to share our different... Read more

TNO and financial service providers launch ‘Innovating in cyber security’ magazine

15 May 2017
On Tuesday 16 May, TNO publishes the first edition of a new magazine entitled ‘Innovating in Cyber ​​Security’, in partnership with ING, ABN AMRO, Rabobank and Achmea. The magazine presents the tangible... Read more

Challenges and threats were never greater than today

09 May 2017
Our cybersecurity challenges were never greater, nor were the threats to confidentiality, integrity, and availability never sharper than today, where weaknesses in information security leads to geopolitical... Read more

TNO together with NCSC-NL launches the guide ‘Dealing securely with the Internet of Things’

17 May 2017
On 17 May, at the International One Conference, TNO launches in cooperation with the National Cyber Security Centre (NCSC-NL) the guide ‘Dealing Securely with the Internet of Things’. This guide gives... Read more


Stay up to date with our latest news, activities and vacancies

We use anonymous cookies to enhance the use of our site. Our privacy statement has been updated to reflect the new EU privacy policy.