In my first article on Cyber Security Threat Intelligence Analysts, (CTI analysts) we covered what a CTI analyst is and discussed how they can bridge the gaps between IT, Security, and the Business. We discussed how this is beneficial to the maturity of the business, but what exactly did we mean by this?
In the second article of our CTI analyst series, we’ll cover the unique benefits a CTI analyst brings to an organization by enhancing:
- Strategy and planning of IT and security by taking a holistic view
- Intelligence on the cybersecurity landscape and industry trends
- Collaboration with the recognized bodies and regulations
Enhancing the strategy and planning of the business
Have you ever prepared for a meeting with a new contact by visiting LinkedIn and checking out their profile? If not, it might be beneficial to take a few moments to do this. You may find some common connections. Using public social media sites to identify someone is an example of what we commonly refer to as open-source intelligence (OSINT).
What is OSINT?
OSINT is essentially looking at publicly available data, be it government records such as Companies House in the United Kingdom or social media posts on Facebook or Twitter. It can consist of checking out popular search engines to look for articles and pictures relating to your target or even searching historic records like the WayBackMachine or ancestor sites for family connections.
OSINT is a powerful tool. Not only does it identify the image a target wishes to present to the world, but it can also reveal a lot about the target’s carefully selected interests, ‘likes’ and publicly posted updates. OSINT can also reveal information and habits about us we might not expect because it’s reviewed by a skilled person. In many situations, these experts can (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/osint-using-threat-intelligence-secure-organisation/