Cyber Threat Intelligence (CTI)
“Know your enemy” — Sun Tzu, The Art of War
​
This offer is about enabling your business to proactively and tactically understand who is likely to attack the business, how that attack may be executed and with what tools. This knowledge can be used to mount a more effective Cyber defence.
​
Cyber Threat Intelligence is knowledge about adversaries, their intent and capabilities to launch effective targeted cyberattacks against your business - to breach the confidentiality, integrity and/or availability of your information assets.
Adversaries, sometimes known as Threat Actor Groups, will have a modus operandi –in terms of specific Tactics, Techniques and Procedures (TTPs) employed to defeat your defences.
However, it’s important to understand TTPs in context of your business ecosystem to identify appropriate preventative and detective controls. It can be a game changer in protecting business reputation.
​
Arm your business with knowledge about your main threats
We can work with your security team and stakeholders in establishing a CTI capability to generate and/or consume intelligence. Threat intelligence can then be developed into preventative and detective controls - actionable by your DevOps or infrastructure engineering teams.
Our engagement can be delivered in one of three modes:
-
Establish the primary CTI function augmenting an existing in-house SOC (or SIEM service)
-
An Intelligence Cell delivering discrete Cyber Attack use cases to your outsourced SOC
-
In the absence of a SOC, an Intelligence Cell to support your DevOps team deploy controls
​​
An ‘Intelligence Cell’ is a DVL framework-based concept that enables resource limited businesses to establish an effective means to proactively develop counter threat controls- i.e. strategic and tactical intelligence.
​
NB. A SOC is Security Operations Centre that has teams who monitor IT environment behaviour for indicators of attack and compromise.
​
​
​