Exclusive TI and OT training with Joe Slowik from MITRE
mnemonic welcomes intelligence veteran Joe Slowik to Oslo where he will hold two 2-day courses: Intelligence Driven Industrial Network Defense and Applied Threat Intelligence
April 8-9: Intelligence Driven Industrial Network Defense
This course teaches an intelligence-driven, threat-based approach to evaluating the threat landscape and developing countermeasures and defenses. As malicious entities increasingly target OT and ICS networks, defenders - whether industrial operators new to security, or IT security personnel learning ICS - need to learn the basis and nature for these attacks.
The course begins with an overview of ICS networks and the OT landscape to ensure a common background in operational limitations and capabilities. With this in place, we then explore risk assessment, risk understanding, and threat modeling. Finally, we conclude with an overview of threat types, motivations, and capabilities as applied to ICS-specific values and defensive questions.
April 10-11: Applied Threat Intelligence
When used properly, cyber threat intelligence allows an organisation to leverage another’s breach or incident to their own benefit. Yet while many CTI courses and guides exist, these are primarily designed for developing long-range, in-depth intelligence products for strategic or similar overview with an overemphasis on theory and little experience in practice.
Operational threat intelligence instead supports a different audience: day to day security work and network defense. While CTI must always meet standards for accuracy, relevancy, and timeliness, SOC watch-standers and IR personnel need enriched information now in order to execute their jobs.
This course fills a critical role that other training does not address: how to successfully embed cyber threat intelligence operations into the daily rhythm of security to support everyday tasks, and extraordinary incidents. Toward that end, while this course will briefly touch on theoretical concepts such as analysis of competing hypotheses, kill chain methodology, and other ideas, the real focus will be on what efforts make operational threat intelligence possible and sustainable.
Listen to Joe Slowik on the mnemonic security podcast.
Meet the trainer
Cyber threat intelligence (CTI), detection engineering, and incident response leader with over 15 years experience across multiple domains, including industrial control system (ICS), operational technology (OT), and critical infrastructure environments.
Joe Slowik has emphasized the operational significance of threat intelligence through multiple previous roles: through leading intelligence and detection teams at Gigamon and Huntress; as an ICS focused analyst for Dragos; leading the incident response team at Los Alamos National Laboratory; and serving as a Cryptologic Warfare Officer in the U.S. Navy.
Joe also provides CTI, threat hunting, and related training and consulting through his firm, Paralus LLC.
If you're interested in Joe Slowik's CTI course, join our CTI night on April 11th at 17:00. Join us to gather with like-minded people and take part in our panel discussion with Joe Slowik and a few other industry friends.
Want to know more?
