A4. Introducing the Colorado Threat Information Sharing (CTIS) Initiative
Wednesday, May 9, 2018
9:25 AM - 10:25 AM
Many of us review the latest threat intelligence - vetted and attributed lists of known bad IPs and summaries of the latest malware and attack vectors. Drawing on an automobile analogy, a lot of this information is like looking in the rear view mirror. Although its accurate and useful, much of it has already happened and is behind you. But don't you need to know what's in the lanes on either side of you? In this session you will learn about how a group of dedicated government security leaders formed the Colorado Threat Information Sharing (CTIS) initiative.
After completing this session, the learner will understand:
- Why sharing emerging threat intelligence is important
- Technologies that can be levered
- Lessons learned from our efforts
- Pros and cons of sharing early threat information
- How you might form a similar forum for your business
Rich Schliep, CISSP, has over 15 years of experience in information technology and is the Chief Information Security Officer (CISO) at the Colorado Department of State. He oversees the Colorado Secretary of State's information security program and network, including security over the State's voter registration database.
Tim McCain, CISM, CIPM, has been in the governance, risk and compliance industry for 17 years, acting at the manager, director and CISO levels of start-ups to multi-national corporations, including public and private sector. Each company has afforded him the opportunity to be a valued partner in the contracting process from the vendor, partner and customer seats at the negotiation table. He is currently the Information Security Officer for the City of Aurora.
Stephen E. Coury, CISA, is a frequent speaker at RMISC with over 25 years of experience in information technology, including over 15 years in IT Audit, in municipal government, consumer and investment banking, insurance, and telecommunications.