|
According to (CERT-UK ), Cyber Threat Intelligence (CTI) is an "elusive"〔(), CERT-UK, An introduction to threat intelligence〕 concept. While cyber security comprises the recruitment of IT-security experts, and the deployment of technical means, to protect an organisation's critical infrastructure, or intellectual property, CTI is based on the collection of intelligence using Open Source Intelligence (OSINT), Social Media Intelligence (SOCMINT) , Human Intelligence (HUMINT) or intelligence in the deep and dark webs. CTI's key mission is to research and analyse trends and technical developments in three areas: * Cybercrime * Cyber activism * Cyber espionage (Advanced Persistent Threat or APT) ==Types of CTI== According to UK's Centre for the Protection of National Infrastructure (CPNI), there are four types of threat intelligence:〔(), CPNI, Threat Intelligence Infographic〕 * Tactical: Attacker methodologies, tools and tactics * Technical: Indicators of specific malware * Operational: Details of specific incoming attack * Strategic: High level information on changing risk (strategic shifts) In the financial sector, the CBEST〔(), An introduction to CBEST〕 framework of the Bank of England assumes that penetration testing is no longer adequate to protect sensitive business sectors, such as the banking sector. In response, the UK Financial Authorities (Bank of England, Her Majesty’s Treasury, and the Financial Conduct Authority) recommend several steps to guard financial institutions from cyber threats, including receiving "advice from the cyber threat intelligence providers operating within the UK Government."〔(), CBEST Implementation Guide〕 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Cyber threat intelligence」の詳細全文を読む スポンサード リンク
|