Maturing a Threat Intelligence Program
Even in the most sophisticated security organisations, resource constraints can dictate that threat intelligence (TI) is the responsibility of a sole analyst sifting through incident alerts looking for patterns and trends which may indicate that a threat exists. Threat intelligence is more than that.
It is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.
But how do you assess the state of your current threat intelligence program? The Threat Intelligence Maturity Model in this report reviews each stage to help you assess where you are on the path to a mature threat intelligence programme. The model offers some general direction on the risks and opportunities to grow at each stage, as well as things to consider as you anticipate moving to the next milestone.
The Threat Intelligence Maturity Model (TIMM) contains:
- An analysis of the level you are at
- The typical team at that level
- Risks at that stage
- Recommendations for growth