8.2 Units in Need of CTI

00:01

Hello, everybody. Welcome back to the introduction to, say betrayed the intelligence curse. We're getting close to finishing discursive, and it has been a really fun time. I have quite enjoyed sharing these knowledge with all of you, but this is not over yet. Today. We're going to go through some quick conclusions

00:19

related to every other team that has been discussed during the curse.

00:23

Let's get on it.

00:26

The Security Operations Center sock.

00:31

It's a very crucial team that will

00:34

received very important information for decided from the Cyber Threat Intelligence Unit. When talking about the security operations. There are three crucial items that need to be provided in order to enhance their capabilities. These are

00:49

that exposure incidents

00:52

this ever treat intelligence should have the capabilities to report that exposure incidents toe affected stakeholders for remediation.

01:00

High risk but high risk. My our families. These requires the intelligence team to research the evolution and Prince of Modular Families with Hye Ri stood organization. This again is we're having the organization's objectives in place have a great role

01:19

since by knowing what my work and really affect organizations capabilities, the information can be filtered down to what these team needs

01:29

and last the reputation risk. Among old information collected, This Saber Trades intelligence team has the capability to identify what threats can affect the organization's reputations directly.

01:45

Another important team that Dietz's Pacific data from distribute Credit Intelligence Team is the Incident response unit.

01:53

This is one of the crucial units that cyber craft intelligence can influence for good, and he doesn't need a whole lot of information to enhance its capabilities.

02:02

The most helpful intelligence that can be provided to the steam is the data exposure incidents related to affect her parties and stakeholders for re mediations. Because this way they will know what they're dealing with, how they can contain it

02:19

and what they should or shouldn't do. According to what has happened, the third parties affected by the same threat

02:27

double durability management team can be enhanced in a great way by receiving information from the Cyber Trade Italians unit, such as exploit kits.

02:38

What exploit kids have been pumping around in the dark web. What explodes are they focusing on right now?

02:45

Also, high res vulnerabilities, along with exploit kids information intelligence regarding technical vulnerabilities, are one of the largest amount of information available to consume.

02:57

Um, fertile nobility management cycle is really important to know this in order to prioritize double nobility, patching cycle

03:06

and, lastly, undisclosed vulnerability, remember to see her days. Will Neville is, well, they fit right here By knowing that a certain series able nobility is strengthening the Organization on Landscape Immediate Can close can be deployed in order to prevent a vulnerability of being exploited.

03:24

This control system have to be an old time solution,

03:27

but he will bought by time in the meantime that they will know abilities. Patch by its provider.

03:36

The whole risk world loves information,

03:38

but it loves even more intelligence. Our information with context.

03:44

Since this way assigning an impact, a potential risk on so many other characteristics becomes way easier. The steamed can receive valuable information from the Cyber Threat Intelligence team in the area's off

03:59

third body security competence.

04:01

What Chris does the other organizations introduced to our own organization has the security provider has ever been breached? Or how about the external I T support and that take us to our next category? Third parties with elevated risk? Where is the most important service is for the organizations

04:20

that are not managed by our people.

04:23

What information can be provided to risk analyses from the cyber tracked intelligence unit in order to know which of those vendors or providers are at risk because they have some vulnerability or they have been breached in the past years.

04:42

Next, we have security leadership.

04:45

This area in the organization is one that benefits the most since one of the main objectives that we stayed at the video beginning of this curse is that Sable credit intelligence helps the organization not on Lee to identify Mauer threats, etcetera, etcetera. But it helps it by enriching information their leaders have,

05:04

and with that

05:05

take better and more informed decisions.

05:10

This specific fields, the cyber threat intelligence can't help security leadership are

05:15

attack planning. How can the external hackers and Attackers find my organization? I make it a target.

05:23

What am I putting outside that is making me a possible attack Vector

05:28

industry attack trends.

05:30

Imagine that you have to assign a cyber security strategy to your organization, but you didn't even know what you're trying to defend yourself from.

05:39

The subject will exactly tell you how your organization may be attacked. What other organizations are doing to prevent them from being compromised. And even with those defense mechanisms, how are they getting compromised? Either way,

05:54

that is a whole lot of valuable information in order to make a robust cyber security strategy.

06:00

Third, we have the infrastructure risk. You have your servers, your fire wolves, you router and anything else that you wanna having your infrastructure.

06:10

But if you don't, you don't know how often you're bender dispatching their systems or how often their products are getting compromised. You cannot know how much risk you're assuming for the solely action off having that broader as a part of your infrastructure

06:27

unless the targeted threat actor and campaign research

06:31

disciple Trent Intelligence is capable of providing any kind of information related to specific attack or attack group

06:40

providing this way, a keen approach to a possible solution when discussing several arrests.

06:49

Well, and this brings us to the end of our conclusion model

06:55

way. Have it have done it, guys, we have reached the last episode on the Conclusion model. This is also the last episode with brand new information, but fear not. I'm not gone yet. In our upcoming videos. We're going to make a huge summary off everything we discussed in these cars.

07:14

This way, if you want to get on fresh of the most important subjects discussed, you can go through these two tedious and identify which episode is the one that you want to check it in detail.