Page 9 - index
P. 9
The release of the report restarts the cycle from the planning and direction phase. Based on the
feedback received, changing threats, or tactics in the cyber environment or new developments
within the organization, analysts must constantly reassess their intelligence.
Conclusion
The complete cycle is more complex than the one presented. Few organizations can afford
large teams to focus on the intelligence aspect, but the process presented accommodates small
teams, even a single individual. Its application allows organizations to keep a cool head rather
than succumb to the hype of security vendors.
By conducting their own threat assessment, resources can be focused on the most relevant
aspects of the information infrastructure rather than buying into any solution available on the
market.
By following this time-proven military process, an organization may actually assess the current
threat as low and invest in growth, while others may find that investing in continuous spear-
phishing identification exercises is more valuable than a brand-new Intrusion Prevention System
(IPS).
Before accepting a magic solution or a database of rapidly aging indicators, the intelligence
process will clearly define the most likely threats and most effective use of network defenses by
focusing resources to protect key users and data.
About the Author
Jonathan Racicot is a signals officer in the Canadian Armed Forces who
occupied multiple positions in network administration, cyber intelligence
and is currently conducting his master’s thesis in computer security at the
Royal Military College of Canada. He spends most of his free time
programming and researching various computer security projects. Follow
him on Twitter at @cyberrecce.
9 Cyber Warnings E-Magazine – August 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide