Cyber threat intelligence is an ecosystem that supports the decision-making process resulting from the collection, analysis, dissemination and integration of threats and vulnerabilities to an organization and its people and assets. In cyber security, intelligence information includes data concerning threats and vulnerabilities, both internal and external to an organization, that are potentially malicious in nature and may result in the compromise of systems or other assets, leading to the exfiltration of sensitive data. By receiving routine and time sensitive intelligence data from both indigenous and peripherally deployed collection elements, organizations can cross-cue among internal intelligence collectors, rapidly disseminating plans of action to satisfy all levels of requirements.
Cytex believes cyber threat intelligence is both process and product. The primary task of the intelligence process is to synchronize the information gained through collection activities to provide a consumable product to stakeholders, including senior leadership, clients, operational functions and incident response teams. The intelligence process tasks are based on established intelligence requirements set by these stakeholders or those in the organization that have been identified as the consumers of the intelligence.