ID.RA-03.156

Does your organization actively use cyber threat intelligence to identify and monitor threat actors and their tactics, techniques, and procedures (TTPs) that are likely to target your business?

Explanation

Cyber threat intelligence (CTI) provides organizations with actionable information about potential adversaries, their capabilities, and methods of operation. By understanding which threat actors are likely to target your organization and their common TTPs, security teams can prioritize defenses against the most relevant threats rather than trying to defend against all possible attacks. Evidence of fulfillment could include: subscriptions to threat intelligence feeds, documentation of regular threat intelligence briefings, reports showing how threat intelligence has been incorporated into security controls, or a threat intelligence platform with customized dashboards showing threats relevant to your industry and organization.

Implementation Example

Use cyber threat intelligence to maintain awareness of the types of threat actors likely to target the organization and the TTPs they are likely to use

ID: ID.RA-03.156

Context

Function: ID: IDENTIFY
Category: ID.RA: Risk Assessment
Sub-Category: Internal and external threats to the organization are identified and recorded

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub