Business Continuity Management / Disaster Recovery , Critical Infrastructure Security , Cybercrime

Unexpected Pairings: Wine Tasting and Threat Intelligence

Certified Sommelier Allan Liska on the Deductive Craft of Understanding Threats
Allan Liska, principal intelligence analyst, Recorded Future

In his spare time, ransomware expert Allan Liska likes to taste wine, so much so that he recently became a certified sommelier. While he thought he was branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the two processes.

See Also: The Cost of Underpreparedness to Your Business

"The deductive tasting process is a lot like threat intel," he says. "Threat intel works because we have a history of attacks. And we can compare new attacks against those because bad guys don't change their techniques all at once. They evolve, but they evolve slowly. Well, wine tasting is the same way."

In a video interview with Information Security Media Group at RSA Conference 2022, Liska also discusses:

  • His work with the Ransomware Task Force and next steps;
  • Ransomware trends;
  • Advice for anyone who wants to get a job in threat intelligence.

With more than 20 years of experience in ransomware and information security, Liska has improved countless organizations' security posture using more effective intelligence. At Recorded Future, he provides ransomware-related counsel and key recommendations to major global corporations and government agencies. Liska, who works as a security practitioner and ethical hacker at Recorded Future, previously held similar roles with Symantec, iSIGHT Partners and FireEye. He serves on national ransomware task forces and speaks at global conferences. He has authored numerous books, including "The Practice of Network Security," "Building an Intelligence-Led Security Program," "NTP Security: A Quick-Start Guide," "Ransomware: Defending Against Digital Extortion," "DNS Security: Defending the Domain Name System" and "Ransomware: Understand. Prevent. Recover."

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.