Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
Module 5 deals with Operational Threat Intelligence. This encompasses analysts, senior management, processes, and technology. We also have a look at the "Diamond Model," threat actors, and campaigns. The day-to-day duties of the analyst occur on a short timeline. They are more immediate and are focused on adversaries and understanding what they're up to. Intel comes to the analyst via threat feeds - internal and external - vendor-supplied, and via paid subscription. The analyst is then tasked with determining if any of this intel is credible. Emerging technologies such as the proliferation of mobile devices make the task more challenging. Roaming staff increases risk along with managed and cloud resources. Determining the boundary of responsibility becomes difficult. The final step as covered in a previous video is the sharing of threat intel with all interested stakeholders. From an organizational standpoint this requires a methodical approach governed by policies and procedures.