Please enable JavaScript.
Coggle requires JavaScript to display documents.
Cybersecurity as an Industry: A Cyber Threat Intelligence Perspective…
Cybersecurity as an Industry: A Cyber Threat Intelligence Perspective (2019)
Description
timely
relevant
actionable intelligene
"An effective Threat Intelligence Platform can enable analysts to determine patterns for malicious behavior learned for previous events to prevent future attacks "
Goal: An added aid to organizations to select appropritate cybersecurity controls (authentication, protocols, cyptography) to improve their overall cybersecurity posture
Phases
Data Collection & Aggregation
Threat Analytics
Intelligence Planning & Strategy
Intelligence Usage and Dissemination
Data Sources
Open-Source Intelligence (OSINT)
Internal Intelligence
Human Intelligence (HUMINT)
Counter Intelligence
Finished Intelligence
Analytics
Summary Analytics
Event Correlation
Reputation Services
Malware Analysis
Analysis of malicious files on a network or system (for malicious files/binaries)
Anomaly Detection
Detect abnormal behaviors/activities w/c deviate from a predefined set of normal activities
Forensics
Examine factors that led to a cyberbreach by identifying and & preserving digital evidence
Machine Learning
Valuable for automation and identifying trends and patterns within data that are not possible by other methods