Page 64 - Cyber Defense eMagazine August 2024
P. 64
In order to reach intelligence-level threat indicators, the threat intelligence lifecycle is commonly used.
The threat intelligence life cycle refers to the process of transforming raw data into actionable intelligence
for decision-making through a continuous, iterative process involving requirements, collection,
processing, analysis, distribution, and feedback.
Requirements: Establishing goals and a road map for threat intelligence.
Collection: Gathering threat information from various sources.
Processing: Preprocessing collected data into a format suitable for analysis.
Analysis: Deriving answers for requirements.
Distribution: Sharing analyzed results.
Feedback: Receiving feedback on the distributed results.
This life cycle helps organizations systematically manage the collection, analysis, sharing, and utilization
of threat intelligence to respond effectively to security threats.
The increasing sophistication of cyber threats and the rise of advanced persistent attacks necessitate the
integration of threat intelligence into cybersecurity strategies. Existing passive responses based on
fragmented data and information appear to be insufficient. Moreover, traditional security measures often
detect less than 70% of threats, leaving a significant portion of unknown threats undetected and a portion
of threat events likely to be false positives. Applying threat intelligence will help upgrade cybersecurity
strategies, reduce false positives, enhance detection, and expand the effective detection area to over
90%.
Cyber Defense eMagazine – August 2024 Edition 64
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
