Threat intelligence is a category of intelligence that focuses on information security. As defined by Gartner, it is “evidence-based knowledge…about an existing or emerging menace or hazard…to inform decisions regarding the subject’s response to that menace or hazard.” Essentially, threat intelligence provides you with curated information to inform you about potential malicious activity and helps you make better decisions about how to prevent bad things occurring to you or your organisation.
In order to sustain a strong security posture, an organisation must develop and answer questions specific to the business, many of which must be answered continually as situations and environments evolve. Questions such as: will bringing in additional security solutions really give that much more additional protection? Is updating each and every legacy system worth the cost? Who are my enemies and how might they attack me? Threat intelligence helps organisations to tackle these questions and make more informed decisions with context.
Learn more about cyber threat intelligence, of which there are three ’levels’: strategic, operational and tactical, which serve different functions, on Information Security Buzz.