NuHarbor Security
  • Solutions
    Solutions
    Custom cybersecurity solutions that meet you where you are.
    • Overview
    • Our Approach
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • By Business Need
      • Identify Gaps in My Cybersecurity Plan
      • Detect and Respond to Threats in My Environment
      • Fulfill Compliance Assessments and Requirements
      • Verify Security With Expert-Led Testing
      • Manage Complex Cybersecurity Technologies
      • Security Monitoring With Splunk
    • By Industry
      • State & Local Government
      • Higher Education
      • Federal
      • Finance
      • Healthcare
      • Insurance
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Services
    Services
    Outcomes you want from a team of experts you can trust.
    • Overview
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • Security Testing
      • Penetration Testing
      • Application Penetration Testing
      • Vulnerability Scanning
      • Wireless Penetration Testing
      • Internal Penetration Testing
      • External Penetration Testing
    • Assessment & Compliance
      • CMMC Compliance
      • NIST 800-53
      • HIPAA Security Standards
      • ISO 27001
      • MARS-E Security Standards
      • New York Cybersecurity (23 NYCRR 500)
      • Payment Card Industry (PCI)
    • Advisory & Planning
      • Security Strategy
      • Incident Response Planning
      • Security Program Reviews
      • Security Risk Assessments
      • Virtual CISO
      • Policy Review
    • Managed Services
      • Curated Threat Intelligence
      • Managed Detection and Response (MDR)
      • Sentinel Managed Extended Detection and Response (MXDR)
      • SOC as a Service
      • Splunk Managed Services
      • Tenable Managed Services
      • Vendor Security Assessments
      • Vulnerability Management
      • Zscaler Support Services
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Partners
  • Resources
    Resources
    Explore reports, webinars, case studies, and more.
    • Browse Resources
    • Consultation Icon Consult with an expert
    • Blog icon Blog
    • Podcast icon Podcast
    • Annual SLED CPR icon Annual SLED CPR
    • Downloadable Assets icon Downloadable Assets
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Company
    Company
    We do cybersecurity differently – the right way.
    • Overview
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • Leadership
    • News
    • Careers
    • Contact
    Report 2023-2024 SLED Cybersecurity Priorities Report
    2023-2024 SLED Cybersecurity Priorities Report
    Read Report
  • Consult with an expert
  • Client support
  • Careers
  • Contact
1.800.917.5719
NuHarbor Security Blog
    • Compliance
    • Cybersecurity Technology
    • Security Operations
    • Industry Insights
    • Security Testing
    • Advisory and Planning
    • Application Security
    • Managed Detection and Response
    • Threat Intelligence
    • NuHarbor
    • Managed Services
    • Cyber Talent
September 11, 2020

Cyber Threat Intelligence 101: The Basics

NuHarbor Security
What Is Cyber Threat Intelligence?

Cyber threat intelligence is information used to identify and understand cyber threats to an organization. This intelligence is used to identify threat risks and make informed decisions to protect and secure infrastructure against threat actors and vulnerabilities. Intelligence can be obtained from a wide range of sources from published indicators of compromise (IOCs) to dark web forums. Having up to date and accurate threat intelligence is critical to any cybersecurity program.

Why Is Cyber Threat Intelligence Important?

The threat landscape is always changing and evolving, and an effective cybersecurity team needs to stay on top of the latest threats. Identifying and addressing emerging and persistent threats is critical to ensure that your cybersecurity team can proactively address and mitigate threats as they appear. Without a cyber threat intelligence program, organizations are left to react to threats, or worse, deal with the fallout of an incident.

Although a cyber threat intelligence program may sound complicated, it’s based around a simple five-step cycle. Implementing the threat intelligence cycle is a great place to start when building out a cyber threat intelligence team. Since the goals and scope are defined by your organization, it can work for programs with limited resources as well as larger programs with dedicated threat teams.

Steps of the Threat Intelligence Cycle

The threat intelligence process is cyclical to ensure that it evolves with technology, responds to identified gaps in current intelligence, and adapts to an everchanging and evolving threat landscape. There are five main steps in a typical threat intelligence cycle.

  1. Define Requirements

In the first step, the objectives and scope are determined. These are used to develop a set of intelligence requirements that define current gaps of knowledge and lay the foundation for that cycle. The intelligence requirements are often influenced by gaps found in the previous cycle or to address new threats that have been identified since the last cycle. This step is critical to the success of the process by clearly identifying objectives and guiding the team through the rest of the steps.

  1. Collect Data

Guided by the intelligence requirements defined step one, intelligence is collected to address intelligence gaps. This can come from a variety of sources including threat feeds, logs from internal security appliances, industry peers and experts, forms, news sites, and many other sources. Collected data will often be formatted differently and come in varying levels of usability, so processing is needed before the data can be made usable.

  1. Process Data

Collected intelligence will need to be processed and aggregated to covert the raw and incomplete data into a structured and useful format. Processed data is often input into a threat intelligence platform (e.g., ThreatConnect) during this step. This can be done after all data is collected or processed as data comes in, but all data must be processed before the analysis can start.

  1. Analyze Data

Once all the data is collected and processed, the team can then attempt to answer the intelligence requirements with the data collected and determine what actions are recommended to address and mitigate the threats identified. Relevant conclusions and recommendations are then compiled into intelligence reports so they can be disseminated in the next step. Any gaps in intelligence identified during the analysis step will be used to shape the requirements of the next cycle.

  1. Disseminate Intelligence and Receive Feedback

The final step of the cycle gets relevant actionable intelligence to those who need it. The team will distribute the intelligence to the stakeholders and relevant parties, enabling them to make informed decisions. This intelligence should be concise and relevant to the recipient and usually takes the form of a short report or slide show. Once intelligence is disseminated, feedback should be collected to gauge how effective and useful the intelligence and report was and to improve the final product in the future. With the final step completed, the team then prepares for future cycles.

Conclusion

Whether your organization is small with limited resources or a Fortune 500 company, an effective threat intelligence program is critical to ensuring the security of your infrastructure. Whether you’re looking for an MSSP with a dedicated cyber threat team or some basic advice, NuHarbor Security is here to help with all your security needs. Contact us today!

Included Topics

  • Threat Intelligence,
  • Industry Insights,
  • Security Operations

Related Posts

Threat Intelligence 3 min read
Threat Hunting Basics: The Hunted Becomes the Hunter Read More
Compliance 7 min read
Simplifying Cybersecurity Risk Assessments
Read More
Compliance 3 min read
Building an Information Security Management System With ISO 27001 Read More

Subscribe via Email

Subscribe to our blog to get insights sent directly to your inbox.

Subscribe Here!

Latest Pwned episodes

Episode 200 - Reflections of Pwned...Until Next Time
April 03, 2024
Episode 200 - Reflections of Pwned...Until Next Time
Listen Now
Episode 199 - When a BlackCat Crosses Your Path...
March 21, 2024
Episode 199 - When a BlackCat Crosses Your Path...
Listen Now
Episode 198 - Heard it Through the Grapevine - Beyond the Beltway, 2024
March 08, 2024
Episode 198 - Heard it Through the Grapevine - Beyond the Beltway, 2024
Listen Now
NuHarbor Security logo
NuHarbor Security

553 Roosevelt Highway
Colchester, VT 05446

1.800.917.5719

  • Solutions
  • Services
  • Partners
  • Resources
  • Company
  • Contact
  • Privacy Policy
Connect
  • Twitter
  • Linkedin
  • YouTube
©2025 NuHarbor Security. All rights reserved.