Cyber Threat Intelligence
Cyber Threat Intelligence
Cyber Threat Intelligence is the assessment, validation and reporting of information on current and potential cyber threats to maintain an organisation’s situational awareness.
You have an interest in security, technology and current affairs, because you're likely to be researching emerging threats and generating forward-looking assessments of their trajectory. Your colleagues and senior managers in Cybersecurity Operations have confidence that your assessments are underpinned by rigorous analysis, because the intelligence you produce guides decision-making within the organisation. And, if you deal directly with clients, you support them with tactical and operational assessments which enable them to identify, track and satisfy their intelligence needs.
​
You follow news reports, especially in specialist cyber security media. But you're also imaginative about finding and interpreting a wide range of information
On the program learners will receive knowledge and skills relating to the following areas:
-
Threat Intelligence, Assessment and Threat Modelling
-
Open Source Intelligence (OSINT)
-
Penetration Testing and conducting Simulated Attack Exercises
-
Intrusion Detection and Analysis
-
Malware & Attack Technologies
-
Security Operations and Incident Management
-
Adversarial Behaviours
-
Law & Regulation
-
Network Security
-
Risk Management and Governance
-
Forensics
sources, including social media. You may use specialist tools that exist to help curate personal news aggregators; these tools help CTI teams see through the noise in order to focus on the most critical topics. You interpret what you read to construct a credible view of emerging threats and the development of existing ones. You may also carry out your own research direct into potential threats, by studying attempted and successful breaches and the actors behind them.
​
You work closely with colleagues who are responsible for identifying vulnerabilities and deciding how to manage them. Your work feeds into risk assessments and into the planning and management of security controls. Depending on the size of the organisation, you may be involved in some of this work or even do it yourself.
​
If there's a security incident involving an intrusion, you support the analysis of the attack and its attribution to an external actor. In some roles, you may liaise with other organisations - either cyber threat intelligence specialists or government agencies - to maintain a common view of threats. In some sectors, such as finance, it's common for businesses to share intelligence in order to better protect the whole sector.
​
Part of your responsibility may be to contribute to or develop the strategy for Security Operations. Depending on the organisation for which you work, you're likely to be required to provide support to the security operations centre (SOC) or computer incident response teams (CIRT). In many organisations, you're part of a SOC.
Entry Level Program
Learners will receive...
-
Coming soon...
Practitioner Level Program
Learners will receive...
-
Coming soon
​
​