
    Malcolm Harkins

    Malcolm Harkins is the Chief Security and Trust Officer at Cylance. Malcolm reports to the CEO and is responsible for enabling business growth through trusted infrastructure, systems and business processes. He has direct organizational responsibility for information risk, security and privacy policy. Malcolm is also responsible for peer outreach activities to drive the world’s understanding of cyber risks and best practices to manage and mitigate those risks. Previously, Malcolm was Vice President and Chief Security and Privacy Officer (CSPO) at Intel. In that role, he was responsible for managing risk, controls, privacy, security, and other compliance activities for Intel’s information assets, products, and services. Before becoming Intel’s first CSPO, Malcolm was the Chief Information Security Officer (CISO) reporting into the Chief Information Officer. He also held roles in finance, procurement and other business operations. He has managed IT benchmarking and Sarbanes-Oxley compliance initiatives. Malcolm acted as the profit and loss manager for the Flash Product Group, was responsible for the delivery and support of Intel’s finance and HR systems as the general manager of Enterprise Capabilities and worked on an e-commerce hosting venture. Malcolm received his bachelor’s degree in economics from the University of California at Irvine and an MBA in finance and accounting from the University of California at Davis.


How Do You Roll Out a Threat Intelligence Program?


When you think of implementing a cyber threat intelligence program at your organisation, you may believe it will take millions in resources to have the right technology, the right people and the right strategy in place.

But the truth is that, with the right approach, any organisation can not only implement a threat intelligence program but succeed at it and keep itself safer from cyberattacks, even without an unlimited budget at its disposal.

As part of a recent listening session with the Cyber Resilience Think Tank, I talked about the four steps any organisation should take if they want to implement a threat intelligence program. Here’s a summary.

  1. Conduct an inventory of your IT systems

We all have a lot of systems in our security environments and they're casting off a lot of data. How do we understand that? How do we prioritise it? You've got to understand your inventory.

You need to look at all your hardware, software, cloud services and data types to better understand which ones are required to keep the business running—then prioritise.

  2. Use open source threat intelligence

When I was chief security and privacy officer at a previous company, we didn't invest millions and millions of dollars on threat intelligence. What we did was gather that information from peers, partner with other organisations and use open source intelligence.

We used it tactically, but we also used it strategically and proactively because we created a quarterly review of the intelligence that we knew that we weren't harnessing, so that we could take a more proactive approach going forward.

For any company, a key facet of conducting threat intelligence is using open source intelligence that’s readily available. You want to use intelligence that’s specific to your industry and your technology portfolio.

When using open source threat intelligence, you should go in with the understanding that what you’re looking at may not be current. But it’s at least a start.

  3. Start maintaining an incident database

Knowledge is power, and when it comes to threat intelligence, you can glean a lot of knowledge from what you’ve already experienced. Knowing what you’ve experienced in the past, so that you can understand the root cause and get in front of it going forward, is key.

You can do this by gathering the information from what you’ve already experienced in an incident database of internal issues ranging from phishing emails to malware infections. Refer to this constantly as you determine the best course for technology and strategies for your program.

  4. Know your security stack

You may have parts of your security stack that already have intelligence feeds that you aren’t using. Turn them on and start utilising that intelligence. Additionally, you have to know how the parts of your stack integrate together or sometimes overlap so that you can manage the seams between them, because that's where you can also gain insights.

It’s all about being systematic in the collection of information, the interpretation of it, and then making good decisions tactically and having the right strategic dialogue so that you can take action to be proactive versus constantly reactive.
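One way to tie the steps together, as an added example that is not from the original post: open source intelligence items are ranked against the asset inventory and the incident database, anything outside the technology portfolio is set aside for review, and items that may no longer be current are marked down. All asset names, intel items, dates, field names and scoring weights are constructed assumptions.

```python
from datetime import date

# Constructed sample data; every name, date and weight here is hypothetical.
TODAY = date(2024, 6, 1)
INVENTORY = {  # step 1: asset -> business criticality (1 = low, 3 = high)
    "vpn-gateway": 3, "mail-server": 3, "wiki": 1,
}
INCIDENTS = [  # step 3: internal incident database with root causes
    {"asset": "mail-server", "root_cause": "phishing"},
    {"asset": "mail-server", "root_cause": "phishing"},
    {"asset": "wiki", "root_cause": "malware"},
]
INTEL = [  # step 2: open source intelligence items
    {"id": "osint-1", "affects": "mail-server", "theme": "phishing",
     "published": date(2024, 5, 20)},
    {"id": "osint-2", "affects": "vpn-gateway", "theme": "credential-theft",
     "published": date(2023, 11, 1)},
    {"id": "osint-3", "affects": "erp-suite", "theme": "malware",
     "published": date(2024, 5, 28)},
    {"id": "osint-4", "affects": "wiki", "theme": "malware",
     "published": date(2024, 5, 25)},
]

def prioritise(intel, inventory, incidents, today, stale_after_days=90):
    """Rank intel that matches the inventory; return (ranked, set_aside_ids)."""
    history = {}  # (asset, root cause) -> number of past incidents
    for inc in incidents:
        key = (inc["asset"], inc["root_cause"])
        history[key] = history.get(key, 0) + 1
    ranked, set_aside = [], []
    for item in intel:
        criticality = inventory.get(item["affects"])
        if criticality is None:
            # Not in our technology portfolio: keep the id for periodic
            # review instead of discarding it silently.
            set_aside.append(item["id"])
            continue
        # Open source intelligence may not be current, so mark old items down.
        stale = (today - item["published"]).days > stale_after_days
        repeats = history.get((item["affects"], item["theme"]), 0)
        score = 2 * criticality + 3 * repeats - (2 if stale else 0)
        ranked.append({"id": item["id"], "score": score, "stale": stale})
    ranked.sort(key=lambda r: (-r["score"], r["id"]))
    return ranked, set_aside

if __name__ == "__main__":
    for row in prioritise(INTEL, INVENTORY, INCIDENTS, TODAY)[0]:
        print(row)
```
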

Do you need to explain threat intelligence to your stakeholders? A good start is our blog series, Threat Intelligence for the 99%.
