Transcending Silos: Improving Collaboration Between Threat Intelligence and Cyber Risk | Mandiant

The paper then explores how foundational CTI concepts can be applied to risk management, including stakeholder analysis, intelligence requirements, and a cyber threat profile. A threat profile can be used to develop a threat model, which can be used by risk management teams to determine whether adequate security controls are in place to address potential risk exposure.

Partnership between risk and CTI teams can play out in various ways and depends heavily on an organization’s unique context and favored risk framework. Rather than a set of rigid rules, our paper outlines a range of collaboration opportunities, best viewed as a menu of options that can be adapted accordingly. Typical examples of collaboration include crown jewel asset mapping, threat modeling, and feeding threat data into risk matrices.

We also include three case studies showing how both teams can collaborate to develop jointly produced assessments for their leadership. These case studies focus on patch prioritization informed by newly identified software vulnerabilities, software supply chain risk and threats targeting software developers, and…
