Drawing value from cyber threat intelligence

Aug 27, 2025

Structuring a cyber threat intelligence (CTI) program differs for every organization depending on size, the assets it is trying to protect and the threat landscape affecting their particular industry. Kobe Shwartz is the Head of Cyber Threat Intelligence and Analysis at Signify and is also the founder of a consultancy, Underdark.ai (http://underdark.ai/). He was formerly a Russian cybercrime and espionage analyst. In this Studio 471, Shwartz discusses how he started the CTI team at Signify, which was formerly known as Philips Lighting. He also discusses how to manage alert overload, the importance of “Dark Web” intelligence and how to measure return on investment in a CTI program.

Participants:
Kobe Shwartz, Head, Cyber Threat Intelligence and Analysis, Signify
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471

Emerging Threats//

CrazyHunter Ransomware

CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.

Emerging Threats//

DevMan Ransomware

DevMan Ransomware is a newly emerging ransomware operation observed in 2025 that has been assessed as a derivative of the DragonForce ransomware family.

Emerging Threats//

Gootloader Malware Update

Gootloader resurfaced with enhanced capabilities, building on the multi-stage loader malware first seen in 2020.

Sign up for our Executive Intel Update

Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.

Drawing value from cyber threat intelligence

Related Articles

CrazyHunter Ransomware

DevMan Ransomware

Gootloader Malware Update

Sign up for our Executive Intel Update

Sign up for our Executive Intel Update