Why does Strategic Threat Intelligence matter?
Threat intelligence has undoubtedly become a much more familiar concept over the course of recent years, driven by frameworks such as CBEST and TIBER. However, despite this progress, discussion can very often focus on technical and operational intelligence (such as indicators of compromise) and less so on the strategic. This presentation seeks to redress that balance. By examining strategic analysis in the context of the intelligence lifecycle; examples of sources that inform it; and the forms it can take, we can then also consider its applications in a real-world context. Use cases might include, for example, informing risk assessments; feeding into investment priorities; vulnerability prioritization; or providing a greater understanding of how operational strategies can affect the threat landscape. The presentation will reference specific use cases, demonstrating where strategic threat intelligence has added value in practice. By throwing this spotlight on strategic threat intelligence, we will consider the value it can bring to an organization, its applications and the insights it provides. Where technical intelligence can help us to answer questions such as ‘how’, ‘when’ or ‘what’, strategic intelligence can help to answer the ‘why’.