May 8, 2025
Breaking Down Silos With Threat-Informed Defense
Host: Rahul Neel Mani, VP, Community Engagement and Editorial, ISMG
Guest: Jon Baker, Director of the Center for Threat-Informed Defense
Watch the VideoMisaligned incentives between security teams often stall collaboration. Some organizations have begun merging their SOCs, red teams and threat intel groups under a shared leadership role to break silos, Jon Baker said, director at the Center for Threat-Informed Defense at Mitre.
“You will start to see job postings for Director of Threat-Informed Defense, where an organization is bringing together intel and the offensive security team and the SOC team, kind of under one leadership role to just deliberately break those silos so that we can all have just a shared mission,” said Baker.
Indicators such as improved defensive posture and faster feedback loops are key measures of success. Organizations that prioritize specific threats and quickly test, evaluate and implement defenses reduce friction across teams and improve readiness. Baker emphasized that shortening this cycle builds collaboration and drives continuous improvement.
In this video interview with Information Security Media Group at RSAC Conference 2025 Baker also discussed:
- Why cross-team incentives often undermine cyber defense;
- How unified leadership roles break down silos;
- Metrics that show whether threat-informed defense is working.
Baker co-founded the Center for Threat-Informed Defense as MITRE’s first privately funded R&D organization. He has extensive experience leading research teams and collaborating with industry to advance cybersecurity capabilities.