What Is Threat Intelligence (Cyber Threat Intelligence)?

Threat Intelligence, often called Cyber Threat Intelligence or CTI, is evidence-based, actionable knowledge about cyber threats and malicious actors.

It is collected, analyzed, and organized by cybersecurity experts to help organizations understand potential cyber risks.  It provides insights about how to identify the attack, the attack mechanism, how different types of attack may impact a business, and advice on how to defend against this attack a.k.a TTPs.  

Types of Threat Intelligence

  • Tactical Intelligence: It includes information about how threats are being carried out and can be defended against. They also include information about the attack vectors, tools, and infrastructures used by the attackers.
  • Operational Intelligence: Focuses on identifying and responding to active and immediate cyber threats. It provides actionable insights into ongoing attacks, including information about threat actors, their activities, intent, and potential impact. It is the information that the IT department can use as a part of active threat management to act against specific attacks.
  • Strategic Intelligence: Focus on understanding high level information that puts the threats in context. Mostly non-technical information that organizations can present to the board of directors for them to understand risks, assess potential impact, and make informed strategic decisions. 

More About Cloud