This blog post will discuss the definition of threat intelligence and different stages of the threat intelligence cycle to help you better understand what happens behind the scenes.

The purpose of the Cyber Threat Intelligence (CTI) team is to understand the cyber threat environment and communicate intelligence so that the organisation can make better decisions about lowering cyber risk. Decision stakeholders can be people or systems therefore the information, and the way it is communicated, needs to be tailored to each user.

Military general and philosopher Sun Tzu once led the largest armies in the world and authored The Art of War, still considered a masterpiece of tactical warfare and very relevant as we wage our battles against evolving cyberattacks. That’s because even though threat intelligence is a relatively new discipline in our cyber defense processes, it has actually been around for more than 2,500 years.

Proper management of threat data is critical in today’s security operations and modern SOCs. The knowledge of threats, their priority in our environment, their management, and the ability to analyze them, will give us anticipatory capabilities we wouldn’t have without this management.

Last week, we announced v5 of the ThreatQ platform with capabilities needed today to support the security operations center (SOC) of the future. SOCs have been maturing and evolving into detection and response organizations, a transformation that Gartner anticipated back in 2013 and deemed a requirement for this decade. I’m proud that ThreatQuotient has consistently been at the forefront of innovating and delivering what the SOC of the future needs.