In this special RSA 2025 episode of The Future of Threat Intelligence, David speaks with Jawahar Sivasankaran, President of Cyware, about their partnership with Team Cymru to democratize threat intelligence. Jawahar outlines how their CTI program in a box approach enables organizations to implement comprehensive threat intelligence capabilities in weeks rather than months.

Jawahar offers a unique perspective on industry progress and remaining challenges in collaborative defense. This conversation explores the practical realities of operationalizing threat intelligence for organizations beyond the most mature security teams, the current implementation of AI in security operations, and a thoughtful assessment of how automation will reshape security careers without eliminating the need for human expertise.

Topics discussed:

• How Cyware's partnership with Team Cymru creates turnkey threat intelligence solutions with pre-configured use cases and clear outcomes for rapid implementation.
• The critical gap in threat intelligence sharing between private and public sectors despite overall industry progress in security capabilities.
• Cyware's work with ISACs to facilitate bi-directional threat intelligence sharing that benefits organizations at varying maturity levels.
• Current implementation of AI through Cyware's Quarterback module, featuring knowledge bots and NLP capabilities beyond future aspirations.
• Multi-agent AI approach to threat-centric automation that focuses on enriching and correlating intelligence for actionable outcomes
• Historical perspective on industry disruption and how AI will transform security careers by automating basic tasks while creating new opportunities in design, architecture, and human-machine collaboration.
• The evolution of security solutions over two decades of RSA conferences and whether the industry is making meaningful progress against adversaries.
• Practical strategies for implementing comprehensive threat intelligence programs without months of planning and configuration.

Key Takeaways:

• Implement a "CTI program in a box" approach to accelerate threat intelligence adoption, reducing deployment time from months to weeks through pre-configured use cases with clear, measurable outcomes.
• Establish bi-directional threat intelligence sharing between private and public sectors to strengthen collective defense capabilities against emerging adversary tactics and behaviors.
• Leverage partnerships with ISACs to gain access to curated threat intelligence that has been validated and contextualized for your specific industry vertical.
• Deploy AI-powered knowledge bots with NLP capabilities to help your security team more efficiently process and action threat intelligence data without requiring extensive expertise.
• Adopt a multi-agent AI approach for security operations that enriches threat intelligence, correlates information across sources, and recommends specific defensive actions.
• Evaluate your organization's cyber threat intelligence maturity honestly, recognizing that even large enterprises and government agencies often struggle with operationalizing intelligence effectively.
• Streamline threat intelligence implementation through turnkey solutions that provide unified platforms rather than attempting to build capabilities from scratch.
• Balance AI automation with human expertise in your security operations, recognizing that technology will transform job functions rather than eliminate the need for skilled professionals.
• Transform basic security workflows into threat-centric processes that focus on actionable outcomes rather than just data collection and processing.
• Prioritize collaborative defense mechanisms that benefit organizations with varying levels of security maturity, particularly those downstream that lack advanced threat identification capabilities.

Listen to more episodes:

Apple

Spotify