Formulate the Acquisition of Threat Intelligence in Finance and Banking

Week 3 Threat Intelligence Providers and Roles Threat intelligence providers are security organizations that provide the product or service of threat intelligence using various delivery methods. A threat intelligence feed is a continuously updated intelligence collection from various sources as contributors of similar types. Other methods of delivery include pre-packaged software or customer-specific reports. Much of the services provided by the threat intelligence provider entail both human and automated security operations, and the source of information comes from open and closed sources. The role of the threat intelligence provider, in general, is to maximize the quality of information and results for those relying on the security information. Intelligence sources come in various types, including open-source, in-house, vertical community (e.g., Financial Services Information Sharing and Analysis Center (FS-ISAC)), commercial, and dark web. An open-source platform digests information and provides regular updates to subscribers of the service. There are standard benefits associated with threat intelligence platforms, including centralized feed management, real-time alerts, normalized feed data, integration with firewall and security information and event management systems, and reporting. Many organizations find threat intelligence platforms convenient, but the standard offerings do not offer enough protection for high-risk industries like finance and banking. The premium feed offerings that have a higher cost associated are often required. In-house security analysts and security operations center personnel are employed by finance and bank organizations to manage intelligence from various sources. Intelligence sharing communities and commercial services (providers) provide insights to customers and provide insight with less false positives than open-source options. Dark web intelligence offerings are secretive and expensive. However, these high-risk communities are difficult to join and therefore avoided unless essential to mitigating a specific type of threat scenario. Threat intelligence has six phases that make up the intelligence lifecycle (Figure 3). According to the Federal Bureau of Investigations (n.d.), the intelligence lifecycle includes (1) direction; (2) collection; (3) processing; (4) analysis; (5) dissemination; and (6) feedback. During the direction phase, the organization establishes goals for the threat intelligence program. Determining what information assets and business processes need protection, the impact of losing those assets or business process interruption, the threat intelligence need, and how to prioritize protection is essential to the planning process. The collection phase process gathers information to meet threat intelligence requirements. Threat feeds, web scraping, infiltration of closed sources, data feed subscriptions, and metadata log reviews from internal network devices serve as sources for collection. The transformation of this information collection into a usable format occurs during processing. A significant human-related process used during analysis converts the information into intelligence that guides decision-making. The output of finished intelligence, including disposition locations, occurs during dissemination. The feedback loop of the intelligence lifecycle ensures that regular feedback informs the security team, allowing for the incorporation of refinement into the entire iterative process based on changes in requirements over time and circumstances (Federal Bureau of Investigations (n.d.). Figure 3 The Threat Intelligence Lifecycle – Federal Bureau of Investigations (n.d.) . Federal Bureau of Investigations (n.d.). The Cyber Threat. https://www.fbi.gov/investigate/cyber Assignment: Formulate the Acquisition of Threat Intelligence in Finance and Banking REFERENCE • A Private and Public Partnership Approach to Critical Infrastructure Protection by Pierre-Luc Pomerleau; David L. Lowery Instructions This week, you will provide a business report for the CSO that explains the acquisition and practical use of threat intelligence and the necessity for having specific organizational core competencies in threat intelligence. Be sure your report includes the following: Formulate a proposed solution for the cyber threat intelligence (CTI) using internal and external data from a finance or banking organization. Discuss how this approach might be used within your selected finance or banking institution organization to address and facilitate the prioritization of threats and vulnerabilities. Be sure to factor in the acquisition of indicators requiring adjustments to existing threat remediation plans and processes. Include details related to automation, collaboration, indicators, industry sector sharing (including benefits and risks), the human role, and the impact of cultural and language barriers. Clearly articulate the implications of each factor on the development of a threat intelligence solution. Include industry-based, U.S.-based, and, if applicable, European-based cyber threat sharing platforms as external data providers. Length: 5 pages, including appropriate customized tables and diagrams References: Include a minimum of 2 scholarly resources not used within the course. The completed assignment should address all the assignment requirements, exhibit evidence of concept knowledge, and demonstrate thoughtful consideration of the course content. The writing should integrate scholarly resources, reflect academic expectations and current APA standards. .

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.