Cybersecurity Videos

All News Deals Social Blogs Videos Podcasts Digests

Turning Threat Intelligence Into Real-World Action | 2 Cyber Chicks S8 E1

•March 11, 2026

Simply Cyber

Simply Cyber•Mar 11, 2026

Why It Matters

Organizations that treat threat intelligence as volume rather than context risk misallocating scarce security resources; prioritizing intel by real exploit risk and operational needs improves incident response and reduces exposure. Paying for expert curation or embedding intel into workflows can turn data into defensible actions.

Summary

On Two Cyber Chicks S8 E1, host Jax interviews Carla Ruff, chief insight officer at Surefire Cyber, about turning raw threat data into actionable intelligence for incident response and product design. Ruff argues that threat intel is foundational to choosing defenses but is often noisy and non‑operational, requiring human filtering or paid services to surface genuine risk. She critiques reliance on CVE counts and CVSS scores alone, urging context‑driven prioritization based on exploitability and attacker behavior. The conversation emphasizes building intel that informs concrete steps defenders can take rather than generating alarmist headlines.

Original Description

In this episode of 2 Cyber Chicks, we sit down with Karla Reffold, Chief Insights Officer at Surefire Cyber, to unpack what threat intelligence really looks like when it matters most.

Karla operates at the intersection of threat intelligence, incident response, and cyber product strategy, helping organizations cut through noise and uncertainty during high-pressure security incidents. From guiding executive decision-making in real time to building tools that actually support responders, she’s spent her career turning complex data into clear, actionable insight.

We dive into what separates intelligence that drives action from intelligence that just looks good on a slide, how leaders make confident decisions under pressure, and why so many organizations misunderstand incident response until they’re living through it.

This is a candid, practical, and insight-packed conversation about:

- What “useful” threat intelligence really looks like in practice

- The information leaders actually need during active incidents

- Why data alone doesn’t lead to better decisions—and what does

- Where cyber products fall short for real-world responders

- How teams can move from intelligence to action when time is limited

If you’ve ever wondered why some organizations stay calm and decisive during crises while others struggle, this episode offers a behind-the-scenes look at what makes the difference.

Learn more about Karla:

LinkedIn: https://www.linkedin.com/in/karlareffold

LinkedIn Course: https://www.linkedin.com/learning/learning-threat-intelligence/defending-your-network

=========================

Connect with 2 Cyber Chicks:

LinkedIn: 2 Cyber Chicks Podcast

Email us: 2CyberChicks@gmail.com

Jax Scott, Founder, @OutpostGray

- Jax on LinkedIn: https://linkedin.com/in/iamjax

- YouTube: Outpost Gray

- Twitter/X: @outpostgray

- Website: iamjax.me

Erika McDuffie, Managing Principal, Coalfire Systems

- Erika on LinkedIn: https://www.linkedin.com/in/erika-mcduffie-767394bb

#2cyberchicks

=========================

Learn more about our Season Sponsor @ThreatLocker

Allow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform from ThreatLocker.

Learn more at https://threatlocker.com/2cyberchicks

=========================

All the ways to connect with @SimplyCyber

https://SimplyCyber.io/Socials

Comments

Want to join the conversation?

Loading comments...