Integrate Threat Intelligence program into your daily security operations - Phase 1 - Planning and Preparation

From the last article located at here, we have now a majority of information to start the preparation and planning. In this article, I am going to explain how we can initiate the project and start preparing plans and procedures. This can be done in two phases.

Initial meetings with internal team to discuss the current threat landscape of an organisation.

Review observations that can help to prepare a perfect plan.

Integrate the Threat Intelligence program into your daily security operations - Phase 0 - Introduction

There is a huge amount of the increasing use of sophisticated malware, and often organisations fail to understand the real intent of such activities by a large group of hackers, nation-sponsored attacks, organized cybercrimes, cyber terrorists. These attacks result in revenue disruption, damaging public and private reputation and demolishing business processes and workflow.

Intelligence is staying ahead of the next threat targeting to your organisation by implementing protective measures to protect your brand reputation, data, people, process and technology infrastructure. I am assuming whoever reading this article has a little bit of background knowledge on threat intelligence terminology.

Just having a Threat intelligence product itself is not sufficient, data should be collected, classified and correlated with hacking tools, tactics and techniques.