Guide on Cyber Threat Intelligence

A newly published Guide from CREST looks into the different types of Cyber Threat Intelligence — CTI – standalone deliverables and continued threat monitoring services – and crucially, how this discipline can be used to predict, prevent, detect and respond to threats. The updated Guide also includes new sections on the development of the practice of CTI since the initial iteration, and an assessment of the future trajectory of the discipline.

This guide provides an introduction to CTI. It provides accessible advice on the theory and practice of CTI products and services. It outlines the key concepts and principles that underpin cyber threat intelligence, along with the ways organisations use cyber threat intelligence to predict, prevent, detect and respond to potential cyber security threats and reduce the overall level of cyber risk faced.

The Guide is written for organisations in both the public and private sectors, and covers the different levels of cyber threat intelligence: operational, tactical, and strategic, and possible sources of intelligence, such as atomic indicators of compromise (IOCs), social media, the dark and deep web, internal sources, publications and information sharing platforms.