Time
4 hours 42 minutes
Difficulty
Advanced
CEU/CPE
5

Video Transcription

00:00
Hello and welcome to the second video from the module Dissemination and feedback in this dust, um, will discover the first pillar off the intelligence forms, which is tactical intelligence.
00:13
In this video, we will focus on tactical intelligence. We will start with a quick understanding off. Where is technical intelligence? Then we will see tactical decisions. We will see the benefits off tactical intelligence and their shortcomings, and we will finish with
00:32
discovering what is the appropriate audience for tactical intelligence.
00:37
The technical intelligence is also called technical intelligence,
00:42
and it is basically technical and comparatively short term.
00:47
It might be as simple as looking for IOC's, but it's not toe underestimate its importance.
00:55
Its main focus is to deliver meaningful information to those in need of it immediately.
01:02
In other words, tactical threat Intelligence is information from known attacks. As a result, off direct action by cyber criminals, which have potential toe immediately influence cybersecurity decision making.
01:18
It supports daily operations and events, and it is limited in analysis,
01:23
basically a real time solutions or threat. Feet providers are common providers off these start off intelligence.
01:33
They are providing ices like file hashes, malicious domains, e mail subjects links and attachments registry keys, file names, deal ends, et cetera that can be easily integrated with security product.
01:49
Tactical intelligence can lead to conclusions about what adversaries wants,
01:56
which can help you make rapid decisions on what to block what hello and at times water shut down.
02:05
Unfortunately, lack of technical intelligence often leads to business is making the wrong decisions, resulting in adversaries either getting all the information they won't or forcing key service is to be taken off line. Better technical intelligence
02:24
can ensure that decisions are optimized.
02:27
Increasingly, organizations are putting policies in place to enable automated responses.
02:35
This is a great use off tactical intelligence, but this approach is only effective when both good strategy and operational intelligence are also optimized. All the three levels must come together to enable organizations to operate
02:53
at network speeds
02:54
when it comes to the benefits off. Tactical cyber threat intelligence.
03:00
This type of intelligence provides context and a relevance to a tremendous amount of data.
03:07
Many large organizations have access to terabytes off data without the ability to understand it, fill it and make it useful
03:16
at the tactical day to day level. Filtering out the noise is crucial technical cyber intelligence introduces methodical process is that help manage in calming desperate data sets, turning them into insightful and actionable intelligence?
03:36
Let's meet the organization's threat information needs.
03:39
Also, technical cyber intelligence empowers organizations to develop a proactive cyber security posture.
03:47
Cyber intelligence at the tactical level must be specific enough to support an organization's ability to minimize risk. So by identifying network and organizational vulnerabilities as well as patterns off adversarial behavior,
04:05
Technical cyber Intelligence can provide insights into an attack model
04:11
revealing the area's off highest risks.
04:15
It also can identify technical business or mission witnesses and helped define and mitigate and organizations and surprise risk technical cyber intelligence can also informs better decision making
04:31
during and following the detection off. Cyber Intrusion
04:36
and Decatur's Off Compromise or IOC's, include very Signature and Muller files I P addresses and all our technical clues off abnormal network activity that can help reveal an adversary's TTP
04:53
as well as what data have bean access. It IOC's could help reveal an adversary's identity,
05:00
intentions and motivations. Tactical cyber intelligence can drive as well momentum towards cybersecurity poster that is productive, not just reactive,
05:13
a more mature, inclusive and agile cyber security framework will hello the organization to collect and analyze more data sets while complimenting the technical cyber intelligence process. Despite the multiple benefits off the tactical cyber intelligence,
05:32
there are several short comics when it comes to tactical threat intelligence.
05:38
First, it is relatively short there in nature due to the fact that some IOC's, such as malicious domains,
05:47
can become obsolete very quickly for their more ever evolving threat. Landscape dictates that sources must be timely
05:58
and off high quality.
06:00
If not,
06:01
this category off intelligence does to generate a lot of false positives when it comes to audience.
06:10
Tactical Threat Intelligence is intended for a technical audience
06:15
and usually includes some technical contexts.
06:18
In particular, tactical threat intelligence is consumed by personnel directly involved in the defense off an organization
06:28
such as system architect, CE administrators and security stuff, although it does also play a role in higher level security decision making. In short, tactical cyber threat intelligence is an important component off your overall intelligence capability.
06:47
Certainly, it can provide you with specifics around the technical aspect off an attack and help you identify areas within your environment to shore up
06:59
and in this dozen we focused all the technical decisions. We've seen the benefits off tactical intelligence while the available short comics and we discovered what audience is the most appropriate for this type off cyber intelligence.
07:16
This was all for this lesson about tactical intelligence. The next video will be about another form, which is operational intelligence.

Up Next

Advanced Cyber Threat Intelligence

Advanced Cyber Threat Intelligence will benefit security practitioners interested in preventing cyber threats. Learn how to leverage your existing data sources to extract useful information and find complementary information from external sources.

Instructed By

Instructor Profile Image
Alyssa Berriche
Instructor