Artificial Intelligence & Machine Learning
,
Next-Generation Technologies & Secure Development
,
Security Operations
Google’s Tim Gallo on Creating More Proactive, Integrated Defenses
Integrating cyberthreat intelligence across all business operations is essential for enhancing security and managing risks effectively. But that valuable threat intel should not be limited to security operations centers, said Tim Gallo, head of global solutions architects, Google.
See Also: Splunk Named a 10-Time Leader in Gartner® Magic Quadrant™ for SIEM
Good threat intel can help organizations identify common adversary methods and uncover motives such as criminal activities or espionage. This proactive defense strategy, Gallo said, involves understanding which assets are “crown jewels.”
“Those are the things that are most important to us, which give us an idea of what types of adversaries are going to target us because they have specific TTPs that they’ve developed,” he said. “At the same time, it gives us an idea of what tools they are going to use, so we know what we should be looking for and how we can more effectively defend.”
In this video interview with Information Security Media Group at ISMG’s North America Midwest Summit, Gallo also discussed:
- How cyberthreat intelligence teams can provide guidance on data handling;
- The need for proactive defense measures against criminal espionage or supply chain attacks;
- Why cybersecurity teams cannot rely on technology alone.
Gallo has more than 25 years of experience in risk assessment, sales, technical leadership, cloud computing and cybersecurity. At Google, he leads a dynamic team of solutions architects specializing in cyberthreat intelligence and risk. Previously, he was the principal architect at Mandiant.