Video Description

Module 5 deals with Operational Threat Intelligence. This encompasses analysts, senior management, processes, and technology. We also have a look at the "Diamond Model," threat actors, and campaigns. The day-to-day duties of the analyst occur on a short timeline. They are more immediate and are focused on adversaries and understanding what they're up to. Intel comes to the analyst via threat feeds - internal and external - vendor-supplied, and via paid subscription. The analyst is then tasked with determining if any of this intel is credible. Emerging technologies such as the proliferation of mobile devices make the task more challenging. Roaming staff increases risk along with managed and cloud resources. Determining the boundary of responsibility becomes difficult. The final step as covered in a previous video is the sharing of threat intel with all interested stakeholders. From an organizational standpoint this requires a methodical approach governed by policies and procedures.

Course Modules

Intro to Cyber Threat Intelligence

Module 8 - Tactical Threat Intelligence Requirements

Module 12 - Summary