Introduction:
In the cyber security world, threat intelligence become one
of the most valuable weapon to fight the attackers, threat actors and part time
hackers. Even at the heights of attackers like state sponsored attacks, threat intelligence
able to detect and give good time to fight against them. Many usually asked us,
what the use of collecting threat intelligence is. We answered them in this
way, many attacks are sector based or targeting specific industry on the attackers’
interest. So we can collect those alert from difference sources and maintain
the threat intelligence platform. Using that, we can detect attacks in the log
monitoring and proceed to block them.
This is how it generally works. But if you go for deeper
analysis on threat intelligence we will find more things like types of threat
intelligence, how it is helpful in fighting against threat actors. Threat
intelligence are categorised in to three types:
- Strategic Intelligence
- Operational Intelligence
- Tactical Intelligence
Strategic Intelligence:
It’s a high-level one. People in the commanding position is
required for thorough determination to critically assess threats.
Operational Intelligence:
It’s totally about how the organisation is working on
determining the proactive assessment on the future cyber threats which is
targeted on the organisation based on the sector based attacks.
Tactical Intelligence:
It’s all about attacker methodologies which is like tools,
and tactics, and how dangerous the attacker is.
Conclusion:
Overall, threat intelligence will enhance the cybersecurity
posture and holistic risk management policies. So the decision making after the
detection of intrusion will be better and lessons learned will be more
valuable.
