Threat Intelligence

What is threat intelligence? One definition of threat intelligence is: “evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.

Threat is an abused term, a threat to one organization may not be a threat to another. Many organizations fail to identify threats and thus, usually appropriate security resources to the wrong areas or spend too long on processes, such as risk and vulnerability analysis, instead of mitigating and fixing issues.

For a threat to exist, there must be a combination of intent, capability and opportunity.

Intent is a malicious actor’s desire to target your organization
Capability is their means to do so (such as specific types of malware)
Opportunity is the opening the actor needs (such as vulnerabilities, whether it be in software, hardware, or personnel)

As an example, if an actor has the intent and capability but the organization is not vulnerable or there is no opportunity present, then the actor is simply not a threat. This basic understanding is extremely important concerning threat intelligence.

Contact Top Recruiter NETwork:

charles@toprecruiter.net

GoTo: Top Recruiter NETwork Home Page