Cybersecurity Industry Leaders Launch the Cyber Threat Intelligence Capability Maturity Model
05 Agosto 2024 - 5:00AM
Business Wire
The new maturity model bridges the gap between
CTI programs and organizational objectives to ensure the maximum
value is derived from these investments and initiatives.
Today, Intel 471, the premier provider of cyber
intelligence-driven solutions worldwide, sponsored a partnership of
28 industry leaders serving public and private organizations across
the vendor and consumer community. Together, these professionals
volunteered their time, effort, and experience to launch the first
version of the Cyber Threat Intelligence Capability Maturity Model
(CTI-CMM), designed as the first-of-its kind vendor agnostic and
universally applicable resource to support organizations of all
shapes and sizes across the CTI industry. In today’s evolving
threat landscape, the sign of a successful Cyber Threat
Intelligence (CTI) program is a mature program that seamlessly
integrates with an organization’s core objectives and key
outcomes.
“Unlocking the full potential of your CTI program requires
alignment with the capabilities of each stakeholder it supports,
and a tangible measurement of success synchronized with
organizational priorities,” said Michael DeBolt, Chief Intelligence
Officer at Intel 471. “The CTI Capability Maturity Model (CTI-CMM)
is designed to support CTI teams in building their capabilities by
aligning to defined practices for stakeholder business domains
unique to each organization. The Model establishes shared values
and principles across the industry to empower organizations to take
a holistic approach to cyber threat intelligence with stakeholders
in mind.”
“Advising numerous clients globally, I have observed a
consistent need for an outcome-focused model for cyber intelligence
programs. The CTI-CMM bridges the gap to help CTI programs create
impactful and demonstrable value for their organization,” said
Colin Connor, CTI Services Manager at IBM X-Force.
The all-volunteer team behind the CTI-CMM is comprised of
professionals representing a wide range of sectors, geographic
regions, backgrounds and experiences, including leaders from Intel
471, IBM, Kroger, Venation, Mandiant, IntL8, Regfast, Trellix,
Autodesk, Centre for Cybersecurity Belgium (CCB), Northwave Cyber
Security, Workday, Marsh McLennan, Signify, Tidal Cyber, DeepSeas,
BP, Gojek, SAND and many more. These individuals created CTI-CMM to
elevate cyber threat intelligence across the industry through
knowledge and experiences. Together, they defined the following
values and principles to support the CTI community moving
forward:
Shared Values
- Intelligence provides value through collaboration with our
stakeholders and supporting their decision-making process.
- Intelligence is never completed. Improvement is continuous.
This also applies to adoption. Constant improvement is crucial for
success and distinguishing from other models which failed to keep
up with the time.
- Intelligence is not proprietary, nor is it prescriptive.
Therefore, the model should never be claimed by a single commercial
party.
Shared Principles
- Contextualizing threat intelligence within risk
- Continuous self-assessment and improvement
- Actionable intelligence based on stakeholder needs
- Quantitative and qualitative measurement of intelligence
- Collaborative and iterative intelligence processes
This team made the decision to design the CTI-CMM to align with
industry best practices and the concepts and format of a recognized
cybersecurity maturity model, the Cybersecurity Capability Maturity
Model (C2M2). Similar to the C2M2, the CTI-CMM is organized into
ten domains. Each domain includes a “Domain Purpose” followed by a
“CTI Mission'' description describing how the CTI function supports
it and consists of the CTI Use Cases and CTI Data Sources.
The CTI-CMM is the blueprint for a successful and effective CTI
program. It exists to support the people who make decisions and
take action to protect organizations. For more information, please
visit: https://cti-cmm.org/
About Intel 471
Intel 471 empowers enterprises, government agencies, and other
organizations to win the cybersecurity war using the real-time
insights about adversaries, their relationships, threat patterns,
and imminent attacks relevant to their businesses. The company's
platform collects, interprets, structures, and validates human-led,
automation-enhanced intelligence, which fuels our external attack
surface and advanced behavioral threat hunting solutions. Customers
utilize this operationalized intelligence to drive a proactive
response to neutralize threats and mitigate risk. Organizations
across the globe leverage Intel 471’s world-class intelligence, our
trusted practitioner engagement and enablement and globally
dispersed ground expertise as their frontline guardian against the
ever-evolving landscape of cyber threats to fight the adversary --
and win. Learn more at https://intel471.com/.
Our customers’ eyes and ears outside the wire.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240805227575/en/
Erica Stuchel W2 Communications intel471@w2comm.com