Cyber Threat Intelligence
Cyber Threat Intelligence - The importance of Cyber Threat Intelligence lies in its ability to help organizations anticipate and mitigate potential cyber threats. By understanding the methods and tools used by cybercriminals, organizations can develop more effective security strategies, counter possible troubles, and reduce the risk of a successful cyber-attack. This proactive approach to cybersecurity can save organizations significant time, money, and resources, making Cyber Threat Intelligence a crucial component of any comprehensive cybersecurity strategy.
Although anyone can use open source or commercial tools to gather cyber threat intelligence, it is the ethical responsibility of cyber professionals to maintain the confidentiality of proprietary company data. Generally, every employee signs Non-Disclosure Agreements, which ensures that internally available information remains private. Failure to do so could aid attackers in focusing their attacks by combining externally available data with internally available data, allowing them to move laterally more efficiently.
The following paper explores different methods for gathering publicly accessible intelligence on three prominent electric car manufacturers and how malicious actors may utilize this information to execute potential attacks. Additionally, it provides recommendations for implementing security measures within an organization to mitigate the risks of such attacks.
cyber_threat_intelligence_program_plan_final.docx |
Reflection
This course was highly interactive and practical. It introduced various concepts and techniques for passively gathering cyber intelligence. Throughout the course, I was able to simulate the role of an attacker, conducting reconnaissance on a target and assessing various technical tools and methods available for gathering publicly accessible information, such as external vulnerabilities and paths for exploitation. Social engineering tactics were also explored as a means of gaining access to networks or systems.
Cyber professionals need to maintain confidentiality when it comes to gathering cyber threat intelligence using either open-source or commercial tools. It is critical to recognize the ethical responsibility that comes with gathering cyber threat intelligence and to act in a manner that aligns with the principles of professionalism and expertise.
This experience highlighted the importance of cybersecurity professionals being aware of the information that attackers seek and the ethical responsibility that comes with protecting an organization and keeping teams informed of potential vulnerabilities. I am excited to apply the new skills and knowledge gained from this course to help keep my organization secure and to advance my career by exploring new processes for obtaining information on attack surfaces and reporting accordingly.
References:
McKinsey (March 2022) “Cyber security Trends: Looking over the Horizon” Retrieved from: https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/cybersecurity-trends-looking-over-the-horizon
NIST Special Publication 800-150 (2006, October) “Guide to Cyber Threat Information Sharing” Retrieved from: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-150.pdf
Powell, O (December 12,2022) “The biggest data breaches and leaks of 2022” Retrieved from https://www.cshub.com/attacks/articles/the-biggest-data-breaches-and-leaks-of-2022
Tenable ASM (n.d.) Tenable Attack Surface Management https://www.tenable.com/products/tenable-asm
Thales (n.d.) “2023 Thales Cloud Security Study” Retrieved from https://cpl.thalesgroup.com/cloud-security-research