Presentation information

TIPS#5 Panel: A tale of two companies

Kathi Whitbey (Palo Alto Networks), Righard Zwienenberg (ESET), Noortje Henrichs (Netherlands NCSC) & Derek Manky (Fortinet)
CISOs have to fight the Reign of Cyber Terror against attackers to the best of their abilities, preferably well informed using the right threat intelligence for their environment. Of course there is always the monetization question of convincing upper-management that the investment will be well spent and earn a solid return on investment (by preventing other costs like downtime). This leads us to two CISOs at different companies trying to do the same job. The first company spends little to nothing on collecting and using threat intelligence, where lack of preparation led to that company being in trouble after many years. The second company, however, chose to spend the money on collecting and using threat intelligence. They realized, despite the monetary investment, that in the end it would make the odds of surviving the Reign of Cyber Terror much better, with less financial damage, as the threat intelligence proactively helped them to build defences. This panel will discuss the importance of threat intelligence in building defences against cyber attacks, including their vision for the future: what are we up against and how can we help organizations to be properly prepared?
Kathi Whitbey
Palo Alto Networks Kathi Whitbey currently serves as the Program Manager for Unit 42 within Palo Alto Networks. In this role, Kathi was an integral part in the process for incorporating the Cyber Threat Alliance (CTA), to include the initial CTA Platform development efforts for sharing information among member companies. Kathi’s previous roles have included software development management and technical training efforts for various US government organizations. Kathi has also worked for the US Department of State and travelled all over the world educating employees on custom software applications. In her free time, Kathi serves as a volunteer Emergency Medical Technician (EMT) with Texas Search and Rescue, and was afforded the opportunity to serve in that role supporting the US Navy at Camp Lemonnier, Djibouti, Africa for 12 months. Kathi has an M.S. degree in information systems.
Righard Zwienenberg
ESET Righard Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems. His interest thus kindled he has studied virus behaviour and presented solutions and detection schemes ever since. Starting as an independent consultant, later as R&D Manager at CSE Ltd, as a researcher for ThunderBYTE, as Chief Research Officer at Norman, and currently as Senior Research Fellow at ESET. Over the years he has served in many extra roles in different industry organizations. Currently he is still serving on the board of AVAR, on the Technical Overview Board of the WildList and as the Vice Chair of the Executive Committee of IEEE ICSG. In 2018, Zwienenberg joined the Europol European Cyber Crime Center (EC3) Advisory Group as an ESET representative. Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars - and general security seminars.
Noortje Henrichs
Netherlands NCSC Noortje works at the Dutch National Centre for Cybersecurity (NCSC) and leads the Threat Analysis team and the Cyber Threat Intelligence team. From collection to dissemination, she is responsible for the execution of all phases of the threat intelligence lifecycle. She aims to deliver relevant and timely information on generic as well as sector-specific digital threats to the NCSC constituency. As part of a national CERT, it is her mission to offer partners, institutions and organizations a complete national threat landscape that combines technical information with tactical context (and vice versa).
Derek Manky
Fortinet Derek Manky brings more than 15 years of experience to a strategic and visionary cybersecurity role, working with FortiGuard Labs at Fortinet. Manky leads FortiGuard Labs’ global threat intelligence team, which consults with leading CSOs/CISOs of Fortune 500 companies worldwide across multiple industries. Manky provides thought leadership to industry and has presented research and strategy worldwide at many premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders globally, including law enforcement, which helps define the future of cyber security. In 2019, he was selected as one of six nationwide delegates to represent Canada as a Canadian leader from the field of cyber, through his leadership and expertise in cybersecurity. He is a contributing author to the World Economic Forum Partnership against Cybercrime Report. Manky has been recipient of his technical university’s honourable 2019 BCIT Distinguished Alumni Award. Manky orchestrates global threat intelligence initiatives with Fortinet, including the World Economic Forum Partnership against Cybercrime, Cyber Threat Alliance (CTA), NATO NICP, INTERPOL Expert Working Group, and the Forum for Incident Response and Security Teams (FIRST). Manky has been with the Cyber Threat Alliance since it was founded in May 2014 and sits on the steering committee, working with leading security executives and CEO direction in industry. His vision is applied to help shape the future of proactive cybersecurity, with the ultimate goal to make a positive impact towards the global war on cybercrime. He works globally with the security industry and Computer Emergency Response Team (CERT) to connect the dots, streamlining mitigation advice and threat forecasts based on personal knowledge and a team of world-class experts at Fortinet and FortiGuard Labs. This strategy is integrated into advanced technology frameworks to fight cyber attacks, while keeping clients secure. Manky designed a zero-day vulnerability disclosure framework, which has been reliably used for years to responsibly fix security issues before black hat attackers get a chance to exploit victims. Manky sits on a computing science advisory committee and meets with universities to provide security industry input that he hopes will help shape the bright young minds of tomorrow. In an effort to educate, he is regularly featured in top-tier media and guest articles including, but not limited to, CNN, Bloomberg, NBC, MSNBC, Wired, CSO, Forbes, Wall Street Journal, Dark Reading and the Financial Times. Manky has also been the recipient of CRN’s ‘Security Superstar’ award. He continues to dedicate his career to security, research and education.
arrow left Back

TIPS#5 Panel: A tale of two companies

Kathi Whitbey (Palo Alto Networks), Righard Zwienenberg (ESET), Noortje Henrichs (Netherlands NCSC) & Derek Manky (Fortinet)
CISOs have to fight the Reign of Cyber Terror against attackers to the best of their abilities, preferably well informed using the right threat intelligence for their environment. Of course there is always the monetization question of convincing upper-management that the investment will be well spent and earn a solid return on investment (by preventing other costs like downtime). This leads us to two CISOs at different companies trying to do the same job. The first company spends little to nothing on collecting and using threat intelligence, where lack of preparation led to that company being in trouble after many years. The second company, however, chose to spend the money on collecting and using threat intelligence. They realized, despite the monetary investment, that in the end it would make the odds of surviving the Reign of Cyber Terror much better, with less financial damage, as the threat intelligence proactively helped them to build defences. This panel will discuss the importance of threat intelligence in building defences against cyber attacks, including their vision for the future: what are we up against and how can we help organizations to be properly prepared?
Kathi Whitbey
Palo Alto Networks Kathi Whitbey currently serves as the Program Manager for Unit 42 within Palo Alto Networks. In this role, Kathi was an integral part in the process for incorporating the Cyber Threat Alliance (CTA), to include the initial CTA Platform development efforts for sharing information among member companies. Kathi’s previous roles have included software development management and technical training efforts for various US government organizations. Kathi has also worked for the US Department of State and travelled all over the world educating employees on custom software applications. In her free time, Kathi serves as a volunteer Emergency Medical Technician (EMT) with Texas Search and Rescue, and was afforded the opportunity to serve in that role supporting the US Navy at Camp Lemonnier, Djibouti, Africa for 12 months. Kathi has an M.S. degree in information systems.
Righard Zwienenberg
ESET Righard Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems. His interest thus kindled he has studied virus behaviour and presented solutions and detection schemes ever since. Starting as an independent consultant, later as R&D Manager at CSE Ltd, as a researcher for ThunderBYTE, as Chief Research Officer at Norman, and currently as Senior Research Fellow at ESET. Over the years he has served in many extra roles in different industry organizations. Currently he is still serving on the board of AVAR, on the Technical Overview Board of the WildList and as the Vice Chair of the Executive Committee of IEEE ICSG. In 2018, Zwienenberg joined the Europol European Cyber Crime Center (EC3) Advisory Group as an ESET representative. Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars - and general security seminars.
Noortje Henrichs
Netherlands NCSC Noortje works at the Dutch National Centre for Cybersecurity (NCSC) and leads the Threat Analysis team and the Cyber Threat Intelligence team. From collection to dissemination, she is responsible for the execution of all phases of the threat intelligence lifecycle. She aims to deliver relevant and timely information on generic as well as sector-specific digital threats to the NCSC constituency. As part of a national CERT, it is her mission to offer partners, institutions and organizations a complete national threat landscape that combines technical information with tactical context (and vice versa).
Derek Manky
Fortinet Derek Manky brings more than 15 years of experience to a strategic and visionary cybersecurity role, working with FortiGuard Labs at Fortinet. Manky leads FortiGuard Labs’ global threat intelligence team, which consults with leading CSOs/CISOs of Fortune 500 companies worldwide across multiple industries. Manky provides thought leadership to industry and has presented research and strategy worldwide at many premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders globally, including law enforcement, which helps define the future of cyber security. In 2019, he was selected as one of six nationwide delegates to represent Canada as a Canadian leader from the field of cyber, through his leadership and expertise in cybersecurity. He is a contributing author to the World Economic Forum Partnership against Cybercrime Report. Manky has been recipient of his technical university’s honourable 2019 BCIT Distinguished Alumni Award. Manky orchestrates global threat intelligence initiatives with Fortinet, including the World Economic Forum Partnership against Cybercrime, Cyber Threat Alliance (CTA), NATO NICP, INTERPOL Expert Working Group, and the Forum for Incident Response and Security Teams (FIRST). Manky has been with the Cyber Threat Alliance since it was founded in May 2014 and sits on the steering committee, working with leading security executives and CEO direction in industry. His vision is applied to help shape the future of proactive cybersecurity, with the ultimate goal to make a positive impact towards the global war on cybercrime. He works globally with the security industry and Computer Emergency Response Team (CERT) to connect the dots, streamlining mitigation advice and threat forecasts based on personal knowledge and a team of world-class experts at Fortinet and FortiGuard Labs. This strategy is integrated into advanced technology frameworks to fight cyber attacks, while keeping clients secure. Manky designed a zero-day vulnerability disclosure framework, which has been reliably used for years to responsibly fix security issues before black hat attackers get a chance to exploit victims. Manky sits on a computing science advisory committee and meets with universities to provide security industry input that he hopes will help shape the bright young minds of tomorrow. In an effort to educate, he is regularly featured in top-tier media and guest articles including, but not limited to, CNN, Bloomberg, NBC, MSNBC, Wired, CSO, Forbes, Wall Street Journal, Dark Reading and the Financial Times. Manky has also been the recipient of CRN’s ‘Security Superstar’ award. He continues to dedicate his career to security, research and education.