Cyber threat intelligence (CTI) programs are often solely focused on indicators of compromise and malware detection. This workshop discussion uses a fictional eCommerce company as a case study to explors how to implement the intelligence cycle in your CTI program to better support your organization’s intelligence. We’ll cover:
- Identifying the different types of intelligence consumers in your organization
- Formulating production requirements
- Writing prioritized intelligence requirements
- Deducing collection requirements from your prioritized intelligence requirements
- Mapping of collection requirements to collection capabilities
- KPI generation for each part of the intelligence cycle
Participants are encouraged to bring a list of intelligence needs, requirements and priorities and be prepared to discuss tactics, challenges and processes for standing up and running a cyber threat intelligence program.