One of the roles in cybersecurity practitioner is to share threat intelligence with internal stakeholders to enhance the situation awareness.

If you are doing this, don’t just share the links of the news. You need to analyze the published threat:

  • Assess the credibility of the threat source
  • Explore what are protection currently deployed in your organization
  • How to avoid similar issues in your organization
  • Prioritize protection investment if not yet deployed with applicable work around to reduce likelihood

Essentially, it’s WIIFM (What’s In It For Me?).

If you don’t, you don’t add value to sharing the threat intelligence. Sadly just a router rather than a smart Deep Packet Inspection.

Leave a Reply