Integrate Threat Intelligence Into Your Security Operations

Action beats reaction.

Do not fill in this field

Enter no text in this field

Get Instant Access
to this Blueprint

Business Email

Full Name

Company

Phone

Job Title

View Storyboard

Contributors

Josh Lefkowitz, CEO, Flashpoint
Tom Knickerbocker, Global Head Cyber Intelligence, Financial Services
Chris Camacho, Cofounder & Chief Executive Officer, NinjaJobs
Anthony Vitello, Senior Vice President Global Information Security, Citigroup
John LaCour, CEO PhishLabs, Cyber Security
Jeff Combs, Recruitment Leader, Cyber Security
Andrew Richardson, Associate Director, EY
8 Senior Executives in the financial services, computer network and security, and telecommunications industry

Organizations have limited visibility into their threat landscape, and as such are vulnerable to the latest attacks, hindering business practices, workflow, revenue generation, and damaging their public image.
Organizations are developing ad hoc intelligence capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of their security technology investments.
It is difficult to communicate the value of a threat intelligence solution when trying to secure organizational buy-in and the appropriate resourcing.
There is a vast array of “intelligence” in varying formats, often resulting in information overload.

Our Advice

Critical Insight

Information alone is not actionable. A successful threat intelligence program contextualizes threat data, aligns intelligence with business objectives, and then builds processes to satisfy those objectives.
Your security controls are diminishing in value (if they haven’t already). As technology in the industry evolves, threat actors will inevitably adopt new tools, tactics, and procedures; a threat intelligence program can provide relevant situational awareness to stay on top of the rapidly-evolving threat landscape.
Your organization might not be the final target, but it could be a primary path for attackers. If you exist as a third-party partner to another organization, your responsibility in your technology ecosystem extends beyond your own product/service offerings. Threat intelligence provides visibility into the latest threats, which can help you avoid becoming a backdoor in the next big data breach.

Impact and Result

Assess the needs and intelligence requirements of key stakeholders.
Garner organizational buy-in from senior management.
Identify organizational intelligence gaps and structure your efforts accordingly.
Understand the different collection solutions to identify which best supports your needs.
Optimize the analysis process by leveraging automation and industry best practices.
Establish a comprehensive threat knowledge portal.
Define critical threat escalation protocol.
Produce and share actionable intelligence with your constituency.
Create a deployment strategy to roll out the threat intelligence program.
Integrate threat intelligence within your security operations.

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should implement a threat intelligence program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Integrate Threat Intelligence Into Your Security Operations – Executive Brief

1. Plan for a threat intelligence program

Assess current capabilities and define an ideal target state.

2. Design an intelligence collection strategy

Understand the different collection solutions to identify which best supports needs.

3. Optimize the intelligence analysis process

Begin analyzing and acting on gathered intelligence.

4. Design a collaboration and feedback program

Stand up an intelligence dissemination program.

Guided Implementations

This guided implementation is an eight call advisory process.

Guided Implementation #1 - Plan for a threat intelligence program

Call #1 - Project kick-off call

Call #2 - Plan your ideal target state

Guided Implementation #2 - Design an intelligence collection strategy

Call #1 - Conduct organizational intelligence needs assessment

Call #2 - Map internal/external data sourcing to intelligence needs

Guided Implementation #3 - Optimize the intelligence analysis process

Call #1 - Optimize your analysis process

Call #2 - Develop an intelligence action plan

Guided Implementation #4 - Design a collaboration and feedback program

Call #1 - Design an intelligence collaboration plan

Call #2 - Facilitate delivery of the cyber attack simulation

After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.

Client

Experience

Impact

$ Saved

Days Saved

Testimonial

Georgia State Accounting Office

Guided Implementation

10/10

$127K

De Lage Landen International B. V.

Guided Implementation

10/10

$155K

120

Very happy to have received confirmation of approach chosen

Agriculture Financial Services Corporation

Guided Implementation

10/10

N/A

There were no "worst" parts. All experiences were very positive.

Office Of The Comptroller Of The Currency

Guided Implementation

8/10

N/A

National Grid US

Workshop

8/10

$95,501

Positive - Documentation provided. Expert opinions. Negative - Could have done with being slightly longer.

Search Code: 81190
Published: July 6, 2016
Last Revised: November 9, 2016