RFUN 2016: The Business of Intelligence From All Perspectives

Posted: 19th October 2016
RFUN 2016: The Business of Intelligence From All Perspectives

Did you miss this year’s event? Read the summary below of what happened at RFUN 2016, but first we encourage you to watch this two-minute video to experience our annual conference up close:

The Business of Intelligence

Threat intelligence enthusiasts and Recorded Future customers alike joined us for the fifth annual Recorded Future User Network (RFUN) Conference in Washington, D.C. on October 6, 2016.

Sharing a common goal of proactively staying ahead of cyber attacks, attendees networked with security peers and attended sessions to gain valuable insight into how others apply their own threat intelligence practices.

The theme of this year’s RFUN was “The Business of Intelligence,” demonstrating threat intelligence perspectives from all sides of cyber security, including the Hacker, the APT, the Defender, the Researcher, and the Investigator.

The Hacker

The day kicked off with opening remarks from Christopher Ahlberg, CEO and Co-Founder of Recorded Future. Ahlberg was joined by “The Hacker” Elias Ladopoulos, CEO and Founder of Supermassive Corp. (also known as Acid Phreak), for a discussion on evolving hacker motivations.


Teresa Shea, former Director of SIGINT at the NSA, delivered an opening keynote touching on the unpredictable cyber security domain and its challenges. Shea remarked, “a shift in communications services and technologies means we need to adapt.”

With the need to adapt comes the need to understand threat actor motivations and what they are capable of exploiting, made possible by driving a clear and actionable threat intelligence strategy.

The Defender

Along this same frame of thinking, “The Defender,” Christopher Mascaro, Vice President of Threat Intelligence and Analytics at First Data, discussed frameworks and best practices for understanding what threat actors are interested in, allowing security teams to be better prepared.

The Researcher

“The Researcher,” John Scott-Railton, Senior Research Fellow at The Citizen Lab, University of Toronto, spoke on the research that his team conducted on government-linked attacks aimed towards high-risk populations. Scott-Railton touched upon the ways his team’s research identified common attacker tactics, as well as the best methods for effectively tracking these attacks.

The Investigator

In an interesting discussion on the Ukraine Cyber Grid attack, “The Investigator,” Robert M. Lee, CEO and Founder of Dragos, touched on the possible motivations of the actors behind the attacks. Previously having helped with the investigation of the hack, Lee discussed the extensive planning and effort that went into executing the highly sophisticated operation, engaging the audience with his expertise.

Audience Feedback

With the quantity of best practices covered and insights exchanged, attendees and speakers shared excellent feedback following a productive conference.

Partner of the Year Awards

Additionally this year, we were proud to honor a few of our most outstanding partners for consistently utilizing innovative techniques and advancing the application of threat intelligence.

Learn More

As we conclude another successful RFUN, we invite you to explore our many resources and continue the conversation on effective, timely, and superior threat intelligence.

Interested in speaking at next year’s conference? Send a note to rfun [at] recordedfuture [dot] com to learn how to get involved.