3. Baselining the Different Types of Cyber Threat Intelligence
For Senior Business Leaders – CISO, CIO, Risk Officer, etc.
• Informs business decisions and is used to prioritize defense and direct cybersecurity investments
• “Known Knowns” – Threat is understood and can be acted on / mitigated
For SOC/NOC Managers and Threat Analysts
• Aggregation of events along with the motivations, intent, and capabilities of adversaries – how they plan, conduct, and sustain attack campaigns
• “Known Unknowns” – Confirmed existence of an actual threat
For SOC/NOC Operators
• The effort to detect and respond to on-the-wire events that are technical and high volume. Focuses on threat indicators to hunt for and defend against adversaries. Little-to-no contextualization or learning.
• “Unknown Unknowns” – Something weird is going on
[Figure: Level of Intelligence diagram; labels: Strategic, Operational, Tactical, Decision, Inputs, Outputs]
5. Growing Digital Footprints Increase Your Risk
The Larger Your Digital Footprint, The More Avenues of Attack Provided to Threat Actors
• Social media use exposes more information and employees – easier access to key executives
• Supply chain represents significant risk – 57% of breaches originate from partners and suppliers (PwC)
• Dark Web markets and forums provide more tools and information for threat actors to leverage – translates to fraudulent activity against your business, customers and brand
• Many popular threats leverage social engineering techniques (e.g. phishing and ransomware)
• Convergence of physical and digital security risks
6. The SurfWatch Labs Threat Intelligence Stack
Cloud-based Suite and Advisory Services deliver:
• Strategic and Operational Threat Intelligence
• Relevant Cyber Risk Management
• Actionable Fraud Awareness and Prevention
• Digital Supply Chain Risk Visibility
• Brand and IP Protection
• Legal and Regulatory Diligence
• KPIs and Cyber Risk Reporting
Products
SaaS Applications and API
Information and Analytics
Collect, Validate, Analyze and Enrich
Solutions
Human Expertise
Threat Analyst
Cyber Advisor
Data Collection Sources:
• Millions of Open Source Media Outlets
• Twitter – Full Feed
• Cyber-Focused Sources (Blogs, Security Researchers, etc.)
• Govt Mandated Breach Reports
• Vulnerability Reports
• PII Release Reports
• Phishing Feeds
• Dark Web Markets & Forums
• Paste Sites
• SurfWatch Customers
7. Q&A and Additional SurfWatch Labs Resources
SurfWatch Cyber Advisor:
www.surfwatchlabs.com/cyber-advisor
SurfWatch Threat Analyst:
www.surfwatchlabs.com/threat-intel
Dark Web Intelligence:
www.surfwatchlabs.com/dark-web-intelligence
Personalized SurfWatch Demo:
info.surfwatchlabs.com/request-demo
Strategic and Operational Threat Intelligence