How to Define and Build an Effective Cyber Threat Intelligence Capability

Intelligence-Led Security: How to Understand, Justify and Implement a New Approach to Security is a concise review of the concept of Intelligence-Led Security. Protecting a business, including its information and intellectual property, physical infrastructure, employees, and reputation, has become increasingly difficult. Online threats come from all sides: internal leaks and external adversaries; domestic hacktivists and overseas cybercrime syndicates; targeted threats and mass attacks. And these threats run the gamut from targeted to indiscriminate to entirely accidental.

Among thought leaders and advanced organizations, the consensus is now clear. Defensive security measures: antivirus software, firewalls, and other technical controls and post-attack mitigation strategies are no longer sufficient. To adequately protect company assets and ensure business continuity, organizations must be more proactive. Increasingly, this proactive stance is being summarized by the phrase Intelligence-Led Security: the use of data to gain insight into what can happen, who is likely to be involved, how they are likely to attack and, if possible, to predict when attacks are likely to come. In this book, the authors review the current threat-scape and why it requires this new approach, offer a clarifying definition of what Cyber Threat Intelligence is, describe how to communicate its value to business, and lay out concrete steps toward implementing Intelligence-Led Security.

Learn how to create a proactive strategy for digital securityUse data analysis and threat forecasting to predict and prevent attacks before they startUnderstand the fundamentals of today's threatscape and how best to organize your defenses

Chapter 1: Introduction

Chapter 2: A Problem Well-Defined is Half-Solved

Chapter 3: Defining Business Objectives ("Start With Why")

Chapter 4: Common Objectives of a Threat Intelligence Program

Chapter 5: Translating Objectives in Needs ("Why DRIVES What")

Chapter 6: How Technology Models Operationalize Threat Data

Chapter 7: Who You Can Ask Where to Get It

Chapter 8: Conclusion and Recap