Many senior executives and managers are not receiving the right type of cyber intelligence to efficiently and effectively inform their organizations’ risk management processes, according to a white paper published on October 22 by the Arlington, VA-based Intelligence and National Security Alliance’s Cyber Intelligence Task Force. Operational Cyber Intelligence – the third white paper in a series on the levels of cyber threat intelligence – and a one-page summary are now available.
The paper coincides with two other task force initiatives in the past week to promote dialogue on the field of cyber intelligence: a new blog and INSA’s submission in response to the request for information (RFI) by the National Institute of Standards and Technology (NIST) on the framework for improving critical infrastructure cybersecurity.
Operational Cyber Intelligence addresses how an organization can better protect itself by facilitating predictive analysis and a more comprehensive understanding of specific threats. The four-step process of cyber intelligence – defining the operating environment, describing the impact of the operating environment, evaluating the adversary and determining adversaries’ potential courses of action – is illustrated in hypothetical yet plausible international scenarios. The paper also examines the related business and mission considerations that senior level executives and managers must weigh when deciding to implement a cyber intelligence program, as well as the workforce and skill sets necessary to support it.
“The ultimate goal of a cyber intelligence program is to reduce risk to an organization’s critical information, intellectual property and ability to successfully conduct its mission. An operational approach to understanding the cyber threat landscape can help inform an organization’s decision making and hopefully lead to improved strategic plans and policies to defend against adversaries,” said John Felker, INSA cyber intelligence task force co-chair and director of cyber and intelligence strategy for Hewlett-Packard.
The new cyber intelligence blog, which will be hosted on INSA’s website, will include news, insight, and opinions from task force members to enhance public discussion of this emerging discipline and expand the conversation initiated by its white paper series. The blog is now available at www.insaonline.org/cyberintelblog.
“We think a comprehensive analysis of adversaries’ objectives, motivations, capabilities and activities is, to this point, an under appreciated piece of the cybersecurity puzzle. We’re excited about this white paper and the blog as new opportunities to bring attention and dialogue to the value of cyber intelligence,” Felker said.
In response to the request for information posted by NIST, “Experience With the Framework for Improving Critical Infrastructure Cybersecurity,” the task force provided comments that propose integrating language about the tenets of cyber intelligence into the framework that would help organizations develop a proactive and comprehensive cybersecurity posture. Click here to read the Task Force’s response to the NIST RFI.
Source: Intelligence and National Security Alliance