Risk Management

Treating Threat Intelligence as a Program

Ocwen Financial's CISO, Venkatesh Subramaniam, Offers Strategic Insights

Threat intelligence needs to be treated as a program, and not a technical point-in-time solution, says Venkatesh Subramaniam, global CISO at U.S.-based Ocwen Financial Corp., a mortgage loan servicing company

See Also: 2017 Predictions on Data Security: Insights on Important Trends in Security for the Banking Industry

In a video interview conducted at Information Security Media Group's Fraud & Breach Prevention Summit Mumbai, Subramaniam stresses that threat intelligence needs to be operationalized in the context of business risk and not in a generic manner.

"If you approach TI as a program, not only can it be of tactical value to your defense, it can be of strategic value to your senior management if the end goal is risk reduction," he says. "So why not take a top-down approach and marry the two instead of just looking at the technical side of things? I think that's where people are losing out." (See: Beyond Feeds: Put Threat Intel to Work)

When you approach TI as a program, there are prerequisites that need to be fulfilled, he points out.

"You need to ensure that the first stage of your security program is aligned to your business, before you even start looking at ingesting external threat intelligence feeds," Subramaniam says. "You need to look at whether you have the fundamental security hygiene in place, followed by the next step, which is leveraging your SIEM investments properly, and start ingesting internal information from a context perspective. It's only post this that threat intelligence would be effective to an organization and could be made actionable from a threat hunting perspective."

In this exclusive video interview with ISMG, Subramaniam also covers:

  • The reason most organizations fail to effectively leverage threat intelligence;
  • The prerequisites to actionable threat intelligence;
  • The future of analytics, threat intelligence and SIEMs.

Subramaniam has more than 23 years of experience in the information security domain and has worked in diverse areas of security in several business sectors, including finance and telecom, and at Fortune 50 companies globally. He is currently the global CISO at Ocwen Financial Corp., where he is responsible for oversight of the security program and heads the business continuity office. Prior to this, he was the CISO for Idea Cellular and its subsidiaries.


About the Author

Varun Haran

Varun Haran

Associate Editor, ISMG

Haran has been a technology journalist in the Indian market for over six years, covering the enterprise technology segment and specializing in information security. He has driven multiple industry events such as the India Computer Security Conferences (ICSC) and the first edition of the Ground Zero Summit 2013 during his stint at UBM. Prior to joining ISMG, Haran was first a reporter with TechTarget writing for SearchSecurity and SearchCIO; and later, correspondent with InformationWeek, where he covered enterprise technology-related topics for the CIO and IT practitioner.




Around the Network