Cyber threat intelligence

According to CERT-UK, cyber threat intelligence (CTI) is an "elusive"[1] concept. While cyber security comprises the recruitment of IT security experts, and the deployment of technical means, to protect an organization's critical infrastructure, or intellectual property, CTI is based on the collection of intelligence using open source intelligence (OSINT), social media intelligence (SOCMINT), human Intelligence (HUMINT) or intelligence from the deep and dark web. CTI's key mission is to research and analyze trends and technical developments in three areas:

Those accumulated data based on research and analysis enable states to come up with preventive measures in advance. Considering the seriousness impacts of cyber threats, CTI has been raised as a efficient solution to maintain international security.

Types of Cyber Threat Intelligence

According to UK's Centre for the Protection of National Infrastructure (CPNI), there are four types of threat intelligence:[2]

In the financial sector, the CBEST[3] framework of the Bank of England assumes that penetration testing is no longer adequate to protect sensitive business sectors, such as the banking sector. In response, the UK Financial Authorities (Bank of England, Her Majesty’s Treasury, and the Financial Conduct Authority) recommend several steps to guard financial institutions from cyber threats, including receiving "advice from the cyber threat intelligence providers operating within the UK Government."[4]

Benefits of Tactical Cyber Intelligence

The Challenge of Attribution

Behind any cyber threat there are people using computers and networks. During or after a cyber attack technical information about the network and computers between the attacker and the victim can be collected. However, identifying the person(s) behind an attack, their motivations, or the ultimate sponsor of the attack, is difficult. Recent efforts in threat intelligence emphasize understanding adversary TTPs.[6]

See also

Wikimedia Commons has media related to Cyber threat intelligence.

References

  1. , CERT-UK, An Introduction to Threat Intelligence
  2. , CPNI, Threat Intelligence Infographic
  3. , CBEST, An Introduction to Cyber Threat Modelling
  4. , CBEST, Implementation Guide
  5. Intelligence and national security alliance, cyber intelligence task force december 2015
  6. , Levi Gundert, How to Identify Threat Actor TTPs

Further reading

This article is issued from Wikipedia - version of the 9/29/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.