The Art of Cyber Threat Intelligence: A Comprehensive Understanding

Thomas, Crawford

  • Publisher: Apress
  • Publication date: 2026-01-03
  • Price: $1,370
  • VIP price: $1,302 (5% off)
  • Language: English
  • Pages: 233
  • Binding: Quality Paper - also called trade paper
  • ISBN: 9798868817380
  • ISBN-13: 9798868817380
  • Related category: Penetration-test
  • Overseas special-order book (requires separate checkout)

Product description

In the ever-evolving world of cybersecurity, the need for robust and proactive threat intelligence has never been more critical. This book is designed to arm you with the essential knowledge and tools required to establish a world-class cyber threat intelligence (CTI) capability. Authored by Crawford Thomas, a seasoned expert with over two decades of frontline experience in military intelligence and cyber threat intelligence within the financial sector, this guide is not just theoretical--it's a distillation of hard-earned, practical wisdom.

This book is not a typical consultation manual filled with checkboxes and generic advice. Instead, it draws from the real-world experiences of a practitioner who has navigated the complexities of regulatory pressures and excelled in environments that demand nothing less than excellence. Notably, during recent CBEST testing, Thomas's leadership and the performance of his CTI team were described as "formidable." This recognition underscores the level of expertise and effectiveness you can expect to learn from.

You are invited on a comprehensive journey through the critical stages of building a CTI function: from developing a strategic vision, formulating prioritized intelligence requirements, and selecting the right vendors, to mastering the nuances of intelligence reporting. This book is designed to guide you in creating a CTI capability that not only protects your business, but also enhances its efficacy and fosters an environment of reliability and trust--both internally and externally.

The necessity for this book stems from the current cybersecurity landscape where businesses face an increasing barrage of threats. They require impeccable IT security across all platforms, often taking on risks that stretch beyond their risk appetite. Email systems, provided ubiquitously by major vendors, remain a prime target despite advanced security measures. Meanwhile, the rise of Ransomware as a Service has given a new edge to this already formidable threat, turning organizations into unwitting participants in attacks aimed at third-party applications.

What You Will Learn:

  • How to build a world-leading cyber threat intelligence capability that is threat-vector focused.
  • How to estimate the size of the cyber threat intelligence team you require.
  • How to build the prioritized intelligence requirements (PIRs) and collection plan.
  • How to select the correct cyber security vendor--in line with the PIRs.
  • How to develop 'pull intelligence' production and report writing.

Who This Book is for:

This book is for cyber analysts at all levels of capability: from the beginner, hungry for a definitive answer to 'what is a cyber threat intelligence capability?', to the expert who is keen to learn a better way to practise their tradecraft. This book is also for the frustrated and burnt-out in-house cyber specialist who has grown cautious of the vendor market, the costs and the lack of integrations, and for the 10-year cyber expert who is aware of the changing threat landscape and the need to be more dynamic, responsive and efficient.

About the author

Crawford Thomas is a former officer in the British Army, with over 20 years' service. As a Scotsman, he joined a Scottish infantry regiment, The Argyll and Sutherland Highlanders. After an eventful 10 years, deploying on rural and urban tours in Northern Ireland, as well as squeezing in an 8-month tour as a platoon commander in the 2/1 New Zealand Infantry Regiment, Crawford found himself in command of the UK Ministry of Defence Anti-Terrorist, Training and Advisory Team at the time of 9/11. Immediately after the attack, he deployed to the British Embassy in Washington, marking the start of his transition to the world of intelligence.

Crawford very quickly made the permanent move to military intelligence, seeing tours of Iraq, Afghanistan, Pakistan, Bangladesh and Latin America. During this busy time, Crawford specialised in all aspects of the Intelligence Life Cycle and all capabilities, with one eye on the future and the day when he'd be hunting for a job in the corporate world. Since leaving the military in 2014, Crawford has built award-winning 'intelligence led' approaches to cyber security in both regional and global financial institutions. He continues to work in a global bank and finds the most rewarding aspect comes from sharing with peers and the benevolent nature of public/private communities. He is now keen to take the sharing one step further in consulting and as an author, putting his experiences into print.