THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI) - Noureen Njoroge - PowerPoint PPT Presentation



SLIDE 1

Noureen Njoroge

THE ANATOMY OF CYBER THREAT INTELLIGENCE (CTI)

SLIDE 2

OVERVIEW

  • Define Cyber Threat Intelligence (CTI)
  • Define Cyber Intelligence (CI)
  • Understand the importance of CTI to an organization
  • Components of Threat
  • Sources of Cyber Threat Intelligence (CTI)
  • Categories of Cyber Threat Intelligence (CTI)
  • Benefits of Cyber Threat Intelligence (CTI)
  • Importance of real-time Cyber Threat Intelligence (CTI)

SLIDE 3

DEFINITION

Cyber Threat Intelligence (CTI) is the analysis of information related to adversaries who have the intent, opportunity and capability to do harm.

SLIDE 4

DEFINITION

Cyber Intelligence (CI) is the ability to gain knowledge about an enterprise and its existing conditions and capabilities.

SLIDE 5

COMPONENTS OF A SUCCESSFUL THREAT INTELLIGENCE STRATEGY

Three important components:

  1. Good Data Sources
  2. Good Policies, Procedures and chain of command
  3. Good Threat Intelligence Analysts

SLIDE 6

CTI ON A CYBERSECURITY CHART

SLIDE 7

SLIDE 8

CTI IS INTELLIGENCE FOCUS

Know the three components of threats:

  1. Intent
  2. Capability
  3. Opportunity

SLIDE 9

CYBER THREAT INTELLIGENCE (CTI) SOURCES

  • Past Incidents
  • Commercial Feeds
  • Govt & Non-Profit sharing programs
  • Threat Intel Reports

SLIDE 10

CATEGORIES OF CYBER THREAT INTELLIGENCE

Know the three categories of threats:

  1. Tactical
  2. Operational
  3. Strategic

SLIDE 11

CATEGORIES OF CYBER THREAT INTELLIGENCE

SLIDE 12

THE FIVE W’S & HOW

Know the threat and answer the 5 W’s and How.

  • WHO
  • WHAT
  • WHEN
  • WHERE
  • WHY
  • HOW

SLIDE 13

CASE FOR CYBER THREAT INTELLIGENCE (CTI)

  • Before Attack
  • During an Attack
  • After Attack

SLIDE 14

KEY BENEFITS OF CTI TO AN ORGANIZATION

  • It provides organizations a fighting chance to defeat ever-changing threats.
  • Provides a holistic view of the threat landscape and provides a posture to protect the organization from the multitude of threats they face every day.

SLIDE 15

INTEGRITY OF CTI REPORTS

“All organizations that share threat information to customers or the public through any channel should employ guidelines that help them ensure accuracy in their reporting. Even if all the facts aren’t clear, organizations can still communicate what they know—and avoid guessing. Being right is better than being first”.

https://www.cisco.com/c/dam/m/hu_hu/campaigns/security-hub/pdf/acr-2018.pdf

SLIDE 16

BENEFITS OF REAL-TIME -- DYNAMIC CTI

  • Provide visibility of threat landscape
  • Freshness of data
  • Collaboration
  • Threat context

SLIDE 17

KEY TAKEAWAYS

  • Detection
  • Context
  • Advanced Persistent Threat (APT)
  • Community Defense

SLIDE 18

FREE CTI RESOURCES

  • https://www.mitre.org/capabilities/cybersecurity/cyber-threat-intelligence
  • https://www.misp-project.org/feeds/
  • https://cymon.io
  • https://www.us-cert.gov/ncas/alerts
  • https://talosintelligence.com

SLIDE 19

CONTACT

Noureen Njoroge

cybersecmentorship@gmail.com or nnjoroge@cisco.com
LinkedIn @ Noureen Njoroge

Thank you for your time
