Cyber threat intelligence compact fact sheet

Any intelligence gathering process into the activity of an adversary is critical for your own integrity and resilience.  In order to accomplish this, in this age of the computer, the automated tools have their place in everyone’s armory.

Equally, having adequate data in the ‘good guys’ and how they can contribute to your continuum of intelligence gathering, is most appropriate.

I consider that it goes without saying; FireEye visually portrays the magnitude of the battle that you or your business is faced with.  The data provided on this battle map is extremely valuable when aligning intelligence. So don’t be seduced as this is a battle, just like any other, unfeeling without consideration as to whom the target is and yes that’s all on screen or is it, but it’s for real?


Nominally, it’s about financial gain to the criminals, yours or the bank’s loss.  It doesn’t matter to them.  However, the adversary could be state motivated, traditionally known as the spy, and it’s not all about James Bond, that’s fantasy!  Intelligence would be the key factor, military, industrial or financial!

However, cyber security is not just about this high profile threat, as I wish to review things close to home and what you can do to be proactive and aid the business you work for.  So let’s look at the ’10 Steps to Cyber Security’

Cyber threat intelligence dia
Courtesy of HMG, CESG

For the home user, using the likes of Norton 360 and Utensils, will given them adequate coverage in this arena, but ‘discipline‘ is fundamental.

However, in the business arena the requirements are more diverse and enacting.   I proffer to any reader, implementation of ISO 27001/2 as a foundation.  This then supports PCI DSS; CobiT to name a range of standards, the requirements will be dictated by the business.

Ownership of the process from the ‘Top’ is crucial, this will show leading by example and a management title is only a name tag!  It must be driven ‘Top -down’, experience has shown me, that if its ‘Bottom – up’ it’s doomed for failure and really we don’t want that. 

Dalai Lama spoke at Glastonbury

Just diversifying, I heard the Dalai Lama speak at Glastonbury on his 80th birthday.  By starting as one soul and radiating outwards, the positiveness gets greater.  1 – 100 – 1000….. each focusing on the positiveness of life will overcome the negativeness that surrounds us ….  including cyber security!

10 steps to Cyber Security

Each of the steps are depicted here:

  • Education and awareness;
  • Mobile working;
  • Secure configuration;
  • Removable media;
  • Management of priviliges;
  • Incident management;
  • Monitoring;
  • Malware Protection;
  • Network security; and
  • Risk management.

By working as a team, in a disciplined manner we collectively combat the threat.  This ownership is crucial for your business, which pays you at the end of the month.  Thus it’s imperative that these business attributes must be followed and not detracted from.

Lets look at the good guys

These will possess strengths for the business, whether it’s collaboration or undertakings.  Each in itself will be a positive attribute in the greater scheme of the cyber world to allow the business to mature.

Prospective tools for security managers, are and not exhausted to:

  • Deloitte.

This is just a spread of the good guys on the web.  The threat is part of the continuum in the threat arena, just as equally, the criminal is like the fox after its prey.  Just as I type at the moment, I can think of a plethora of other links I could be including, but maybe next time.

This is just the tip of the iceberg and we all know about this lurking predator that was.  The threat will change, just as the demographics will change, hence we must be alert to the fluid situation and keep abreast of the threat in the bigger scale of things.

At present, there is no end to this situation, it’s the here and now and what we have to live with, that’s why it’s the ‘continuum’.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.