The Cosive Podcast - Cyber Threat Intelligence and Security Operations

Our website: https://www.cosive.comEveryone wants the CISO to care about their corner of the security landscape, so why is CTI any different? Cosive Field CISO Joe Cozzupoli argues that CTI can help CISOs prioritize investments in time and budget, and avoid rabbit-holes that waste time defending against irrelevant threats.

Drop us a line if you want assistance with securing FIRST.org membership for your team.Security teams often aspire to become FIRST members, but it can be a long and winding road to get there. In this interview, Terry breaks down each stage of the journey and charts a path forward. He says that contrary to what many people think, you don't need to be a rockstar organization to join.

In this episode of the Cosive podcast, Terry MacDonald and Prescott Pym are joined by CTI-CMM framework co-lead Colin Connor to dive into what CTI-CMM is, why it exists, and how to use it.The Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) is an industry-driven framework for assessing and improving an organisation's CTI capability. At its core, it's all about helping CTI practitioners produce outcomes, not just outputs.CTI-CMM: https://cti-cmm.org/Cosive: https://www.cosive.com

Cosive Principal Consultant and CTI expert Prescott Pym discusses the how and why of threat sharing communities, including CTIS, the Australian Signals Directorate's national threat sharing program.👋 Check out our website: www.cosive.com

Can one analyst with zero budget start a Cyber Threat Intelligence (CTI) program? Yes! In fact, you may already have started a small threat intelligence program without even realising it. In this interview with Cosive CTO and renowned CTI expert Chris Horsley we delve into the following questions on how analysts and teams can start a threat intelligence practice with limited resources: What is CTI and what purpose does it serve today? What makes for a good threat intelligence analyst? How can one analyst get started with collecting, sharing and analysing threat intelligence? What are the biggest mistakes SecOps and CTI teams make when first getting started with threat intelligence? What makes for a successful threat intelligence program? How can analysts make the most of what they've already got, even without a big budget for expensive tools and commercial feeds? What are two things analysts can do today to get experience with collecting and sharing threat intelligence? Subscribe to the podcast for more educational SecOps and Threat Intelligence discussions like this one.

New Zealand Internet Taskforce (NZITF) chairman and Cosive COO Terry MacDonald speaks on all things NZITF, including what the NZITF does, why it was created, and how to get involved. You can see Terry in-person at the NZITF conference on the 13th and 14th of November, 2023.

Ever wondered how medical devices like pacemakers, ventilators, and cochlear implants are protected from threat actors? Emily Etchell is a Security Consultant at Cosive. Previously, Emily worked for Australia's Therapeutic Goods Administration (TGA), focusing on how medical devices can be kept safe from malicious actors. Emily shares her experiences in this podcast, explaining some of the challenges involved with securing medical devices, and how they're currently being overcome.

Cosive's Software Development Lead Sid Odgers is a cybersecurity expert who spends his days building secure software. In this podcast you'll learn how Sid approaches code review so that all code shipped to production is secure as well as high-quality. The tips shared here are language agnostic and will be of use to any software developer who wants to get better at security.

Cosive CTO Chris Horsley conducted early experiments using ChatGPT to help assign ATT&CK IDs to threat intelligence reports. While the tool won’t replace an experienced analyst as of today, it will likely change the way we do this kind of work. Read the blog post where Chris deep-dives on his experiments with using ChatGPT for CTI: https://www.cosive.com/podcast/2022/12/21/episode-004-how-chatgpt-could-transform-the-cti-analyst-role-with-chris-horsley

Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus. As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet. While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are multiple practical steps you can take to catch or mitigate the problem.

Before jointly founding Cosive with Kayne Naughton and Terry MacDonald, Chris Horsley (Cosive’s CTO) spent many years working in national CSIRTs in both Australia and Japan, as well as doing freelance secure software development for operations teams. In this interview Chris Horsley (CTO at Cosive) talks about the challenges of building software and doing development in SecOps teams. An edited transcription of this podcast is available here: https://www.cosive.com/blog/2022/8/17/building-production-worthy-software-in-secops-teams-an-impossible-challenge

In this interview Cosive’s Managing Director Kayne Naughton shares what he’s learned about threat intelligence programs throughout his career in vulnerability development, SysAdmin and working on threat intel in the financial sector. Kayne is one of the co-founders of Cosive. Founded in 2015, Cosive specialises in trying to solve the difficult problems in security for Australian and New Zealand organisations. An edited transcript of this podcast is available here: https://www.cosive.com/blog/2022/8/2/what-goes-wrong-in-threat-intel-programs