7.1 Introduction to Dissemination

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
4 hours 42 minutes
Difficulty
Advanced
CEU/CPE
5
Video Transcription
00:00
hello and welcome to our less module dissemination and feedback.
00:05
This is the first lesson, and it will be an introduction to the model. In this module, we will discover together the meaning off dissemination,
00:16
the different forms off intelligence products,
00:20
the meaning off sharing and the importance of sharing
00:24
in the cyber threat and collisions.
00:26
And finally, we would see
00:28
what is the feedback part off the dissemination feet.
00:33
Over the last years, the numbers off I t security incidents has been constantly increasing among companies as single entities are no longer able to handle the vast amount of possible attack scenarios. Acting collaboratively against such attacks is an emerging trend.
00:52
It is widely believed that operated approaches in particular those based on exchange off threat intelligence information
01:00
can contribute significantly to improve defensive capabilities.
01:04
The finish it protect off this process must get to the right hands to be effective
01:11
so the intelligence cycle must look back up in itself.
01:15
These reports and assessments are delivered to clients or the leadership who come see on of the cycle in the first place.
01:26
Briefly dissemination involves getting the Finnish intelligence output to the places it needs to go in order to derive results and address the risks. City I teams must distribute their Finnish intelligence reports to the appropriate stakeholders.
01:45
Most off cyber security organizations have at least six teams that can benefit from threat intelligence.
01:53
These individuals typically range from sock analysts to senior leadership responsible for allocated resources and set in strategic priorities.
02:05
Security professionals Endler from the way the U. S Department of Defense approaches intelligence.
02:12
Years ago,
02:14
the agency was absolutely overwhelmed with information on adversary activity
02:20
and had to establish frameworks for dealing with the data.
02:23
As a result, the military now considers and versions at three levels
02:30
strategic, operational and tactical
02:34
Strategic intelligence informs the most senior decision makers.
02:38
Operational intelligence is aiming at those making day to day decisions, and technical intelligence is focused on units in needs off instantaneous information.
02:52
For each of these audience, you need to ask,
02:55
what threat intelligence do they need?
02:59
How should the intelligence be presented to make it easily understandable and actionable for that audience?
03:07
How often should we provide updates and other information?
03:12
And through what media should the intelligence be disseminated? We will see each one off these three forms in more details within their core spending videos.
03:23
This speed at which cyber criminals operate and be worrying for those tasked with defending networks from attacks.
03:32
So at actors can weaponize vulnerabilities within days off them being discovered
03:38
and successful exploits or techniques will rapidly spread amongst library criminal communities.
03:46
Companies need to be sharing more security indulgence with industry peers, toe better, defend against these threats and more rapidly adapt to ever changing threats.
03:59
A key factor for realizing cooperated approaches are the underlying threat. Intelligence data formats.
04:05
The offer. A semi structured representation off identified threats and ensure a common understanding off security related observations. As the document incidents use in general mark up language is a common characteristic. Off these formats is a good MACHIN readability
04:26
structure of threat intelligence
04:28
ease off a great value for experts
04:31
as it enables them to understand threats and attacks. However,
04:38
this is only possible when experts are able to read and analyze thes information.
04:45
I believe that it is critically important to understand your overall intelligence priorities and the requirements all the security teams that will be consuming threat intelligence. The feedback loop is off the utmost importance, eh, boss
05:02
Classical intelligence and Cyber Threat Intelligence.
05:08
Its main goal is to adjust let requirements made by the decision makers, but it is also used in tactical weighs in cyber threat intelligence. For example, feedback on usage off indicators can be usedto understand trends off attacks.
05:26
The effectiveness off
05:28
One cycle off threat intelligence will determine the essential elements off information
05:34
that is needed for the next cycle, including what space is to focus on when collecting data
05:42
and how first action needs to be taken
05:46
up in receiving the cyber threat intelligence finish, it reports.
05:50
Stakeholders should provide feedback to help fine tune future. It orations
05:57
all the intelligence distribution
06:00
and inform future intelligence operations.
06:03
Dissemination
06:04
is the timely conveyance off completed intelligence products in an appropriate format to the intended consumers.
06:15
The frequency off dissemination
06:16
should match the time period on which the continent is based.
06:23
For example, operational material needs to be delivered frequently, whereas strategy content
06:30
will be more intermittent.
06:34
In this lesson, we had a no overview off dissemination. We've seen the different forms, often delusions which are tactical, operational and strategic intelligence.
06:46
We've also seen an important part all the dissemination which is sharing,
06:53
and another important part of the dissemination phase, which is feedback.
07:00
This is all for the introduction to the module dissemination and feedback. The next video will cover the technical aspect off disseminating intelligence.
Up Next
Advanced Cyber Threat Intelligence

Advanced Cyber Threat Intelligence will benefit security practitioners interested in preventing cyber threats. Learn how to leverage your existing data sources to extract useful information and find complementary information from external sources.

Instructed By