Integrating Cyber Threat Intelligence Into Cybersecurity Program

  1. Type of industry e.g construction, financial, e-commerce, etc.
  2. The business requirements: getting this will come a long way to sharpen CTI requirements. An e-commerce organization will be more concerned about the availability and integrity of data than confidentiality while a health organization will be more concerned about confidentiality and integrity. In order to build a CTI system that works, define what your organization is more concerned about and look out for such weaknesses.
  3. Maturity of an organization: the smaller an organization, the better CTI coverage and vice versa. a matured organization will require more than 1 CTI analyst to work together and the larger an organization, the larger its domain and the bigger its threat domain.
  4. Value: have this at the back of your mind to state clearly the value such an organization will derive in alignment with its business goals. Of what use is CTI to the organization? If this is stated clearly, it will ensure the support of stakeholders and the continuity of the CTI program.
  1. Planning & Direction
  2. Collection
  3. Analysis
  4. Production
  1. Organization: Government
  2. Target: What threat actors are targeting?
  1. Operational Intelligence: often details potential impending operations against an organization. It is not easy to obtain and it is sector-industry based. It encompasses all-source intelligence. such as data leaks sold on the dark web. It is usually urgent, it needs immediate action
  2. Tactical intelligence: consists of TTPs, and IOCs of threat actors, it is particularly useful for security operation centers, depending on severity, it may be urgent but it usually an update for signature — based defense system update emerging malware, techniques used by the threat actor.
  3. Strategic intelligence: exists to inform decision makers of broader changes in the threat landscape. Focuses on business risk rather than technical terms.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Olajumoke Oloyede

Olajumoke Oloyede

73 Followers

I am a Cyber Threat Intelligence Analyst, Cybersecurity Trainer and Cybersecurity Researcher