We recently spoke to Dr. Ali Dehghantanha, who will be running our Certified Threat Intelligence Analyst (C|TIA) workshop this March.
Dr. Ali Dehghantanha, Director of the Cyber Science Lab at the University of Guelph
Dr. Ali Dehghantanha has worked in cybersecurity for 15 years. His work has brought him all over the world to talk about and teach cybersecurity. He is currently a professor and director of the Cyber Science Lab at The University of Guelph and has an impressive background. He has an EU Marie Curie fellowship in cyber forensics, a PhD in Security in Computing and is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manger (CISM), a Certified Ethical Hacker (C|EH), Certified Threat Intelligence Analyst (CTIA), Certified Incident Handler (ECIH), EC-Council Certified Security Analyst (ECSA), and a Certified EC-Council Instructor (CEI).
What do you see as some of the major threats facing organizations, especially those in higher education?
Higher education institutions have a very wide threat landscapes as they must serve a much more varied audience than other organizations. They must serve students, researchers, and administration staff, each of whom can be the target of attacks. Students who haven’t been educated in cybersecurity are susceptible to phishing scams and researchers may be targeted for their data. As well, universities often have access to a large amount of computing power which is an appealing target for attackers who may plan to use it in attacks against other organizations.
How can threat intelligence be used to develop cybersecurity strategies for preventing future breaches and attacks?
Companies currently focus the most on defense when building their cybersecurity plans. They look at developing firewalls and other means of protections without really understanding threat actors. Threat intelligence can help give a rounded view of the threat actors that an organization might face. Organizations can take their gathered threat intelligence and use it to direct their investments in cybersecurity strategies. They can maximize the benefit of their cybersecurity strategy by ensuring the correct areas receive the proper investments.
We know that there is a severe shortage of cybersecurity talent. How does this course help fill the cybersecurity skill gaps in some organizations?
This course is aimed at those working in the higher levels of IT and right now there can be a lack of proper understanding of threat actors and how they can be identified and used at that level. This course is to shed light on the importance of threat intelligence and threat actors and how they can be crucial in the decision-making process.
How is the C|TIA course organized and what methods of gathering and using threat intelligence do you look at?
We start off by looking at different models and frameworks of gathering threat intelligence. We look at threat actors at the different stages of attacks against an organization and look at the tactics that attackers use. We then review defense methods and the possible issues that certain methods might face, depending on the threat actor. And finally, we consider some of the commercial solutions out there that help provide a one-stop-shop for threat intelligence analyst needs.
What are the unique aspects of the C|TIA course compared to other cybersecurity credentials?
Simply put, there aren’t many other courses out there that are like C|TIA. It’s a relatively new course in the cybersecurity landscape. Other courses, much like current cybersecurity strategies, focus on the defense rather than pre-emptive threat intelligence gathering that can help deal with threats before they become a much larger issue.
Why should someone who works in cybersecurity, especially someone from the research and education community, take the C|TIA course?
The information imparted in this course is extremely relevant to the research and education community. As mentioned before, there is a wide user base to protect and the use of threat intelligence can help ensure that each user has their needs met while being protected. Each of their threat actors and their tactics for targeting these groups can be examined and strategies can be put into place.
Dr. Ali Dehghantanha will be teaching the C|TIA course this March here in Toronto hosted by OCAD University.