Cyber Threat Intelligence (CTI) is data collected, processed, and analyzed to understand how it works and its goal. This term can be interpreted in the corporate world, by researching and gathering information on the competitors. It can also be interpreted in the cyber industry as a deep dive into understanding cyber threats, adversaries, and other related issues. CTI utilizes different applications to understand various settings' motives and attack behaviors. This course additionally provides the fundamentals of the Cyber Kill Chain, Intelligence Life Cycle, and other types of threats used in the cybersecurity industry.
Reflection
The Cyber Threat Intelligence course taught me a valuable lesson on collecting, processing, and analyzing information. In this assignment, we researched actual organizations and were only allowed to use Open Source Intelligence (OSINT) gathering. OSINT gathering means the information is open to the public, and anyone can know this information. Using the Google Search engine, I obtained valuable information on the aerospace company Boeing. I immediately went to their website to find out who was in their C-suite and what roles. From here, I could Google search their names and find out their company trading. I discovered that one of their executive members was recently selling the stocks they received as a disposition. There can be multiple reasons the executive member is selling their stocks, but it raises red flags when it is their Vice President, Chief of Engineering. The public may assume Boeing’s engineering field is not doing the best, and he is preparing to sell while the stock prices are high. Navigating their website, I found a new product they are developing and testing. They announced each step of their program and gave timelines. Additionally, I could see the business they are conducting with other organizations. They disclosed the amount of product they were delivering and gave a timeline. This course taught me how to collect, process, and analyze information within any organization. Organizations publicly announce their intentions and provide in-depth details on their next move. As a cyber security professional, I recommend being careful of the information put to the public because everyone has access to it. Malicious hackers may not be able to enter the organization's system, but they may be able to attack the supplier to get into their target. It is important to plan for every avenue of approach and have a disaster recovery plan in case of an incident.
Your browser does not support viewing this document. Click here to download the document.