The increased dependency organizations have on technology is not slowing down. The amount of data produced and stored within these technologies also increase the amount of cyber threats that face organizations today. Security analysts need to understand how adversaries are targeting their organizations in order to proactively defend their assets and networks. Cyber threat intelligence is a growing need for an organization's security in order to fight against cyber-attacks. However, the only way security teams can utilize cyber threat intelligence is if it is consumable, credible, and actionable. The purpose of this research was to question the actionability of cyber threat intelligence. The research is intended to address the following questions: What are the consequences of too much data? How do cyber fusion threat centers or information sharing centers assist in determining the actionability of cyber threat intelligence? What is the human role in the analysis of cyber threat intelligence? This research provided a detailed introduction on the increasing amount of raw data security analysts need to analyze is overwhelming and difficult to understand. Cyber fusion and information analysis centers are becoming an asset for organizations to assist in further understanding the threats targeting their networks. It is also important that cyber threat intelligence analysts not only focus on the technical aspects of analysis but also the human factor of their adversaries. The actionability of cyber threat intelligence will be an important advantage for security analysts as well as senior management to mitigate the risk of cyber-attacks against their organization's critical assets. Keywords: Cybersecurity, Actionability of Cyber Threat Intelligence, Professor Christopher Riddell, Connect the Dots, Actionable, Fusion Center, Threat.
展开▼