Does your company use ‘threat intelligence’? Are intelligence processes incorporated into planning, as well as crisis management? Does your cyber intelligence live in the Security Operations Centre (SOC), at the management level with the SOC supervisor/manager or perhaps the CISO and/or CIO or does it make it to the executive suite and Board of Directors.
If your personnel don’t understand what Intelligence is and how it works, even the best of Intelligence / Threat Intelligence will not be utilized. Cyber Intelligence should make it into ALL levels of your organization. Not the same product at all levels of course, but intelligence can and should be a ‘force-multiplier’ at all levels of your organization.
Intelligence Evaluations look at formal security processes, both human and electronic as well as your organization’s culture (formal or policy and informal or what really happens).
The CIDC team looks for:
- An understanding (in general terms) of what Intelligence (including threat intelligence) is;
- How intelligence is used;
- How Intelligence is directed (top down);
- How Intelligence is sourced (internal and/or external);
- How Intelligence flows back up your chain of command;
- What level of situational awareness is maintained;
- To the general cyber environment;
- To the cyber threats to your industry;
- To your specific sensors and security applications;
- To your security personnel
This is a detailed examination of part of your network / cyber security operations by personnel with a rich background in training and evaluating Intelligence personnel – and those who work with Intelligence personnel. When the evaluation is complete you will know exactly how much your people know and how effective the Intelligence component of your security operation is.