Organization carries out threat intelligence by gathering information about information security threats related to its operations and how to protect against them. The goal is to increase awareness of the threat environment, so that own security level can be better evaluated and adequate control measures implemented.
When collecting threat intelligence, all three levels must be taken into account:
Principles related to threat intelligence should include:
Organization carries out threat intelligence by analyzing and utilizing collected information about relevant cyber security threats related and corresponding protections.
When analyzing and utilizing the collected threat intelligence information, the following points must be taken into account:
Organization should share threat intelligence information actively with other organizations to improve its own threat awareness.
Organization must consider the threat intelligence process findings in the information security risk management process. Threat intelligence can detect, for example, the proliferation of certain types of attacks or the development of new technologies, based on which assessments of certain information security risks must be updated, which may lead to the need to reduce risks through treatment plans.