Where you certain that Fancy Bear was in your network to find that it was really just a misconfig? Did you spend countless cycles on an incident to find out who-done-it for upper management, only to be disappointed with the lack of actionable intelligence? If you have ever been curious about Attribution or how to make Attribution work in your organization, then this talk is for you! The focus will be on the different ways organizations can maximize their defensive strategies using information shared by the enemy. You’ll learn that the “who” and “why” aspects of attribution mean little when compared with TTPs in most company’s cyber threat intelligence programs.