Cyber intelligence is a growing discipline in the cybersecurity community, providing important information for cyber defenders in enterprises large and small. This post reviews key sources of cyber intelligence provided free from governments and academia.
Most every enterprise with a mature understanding of the importance of protecting their digital assets has a cyber intelligence program underway. This very likely includes an array of external information sources that will include threat news, listings of IP addresses that are known to be associated with malicious sites, information on malicious code, and a variety of other threat information feeds.
What many do not realize, however, is that there are some fantastic sources of cyber threat information available for free from the government and academia.
We regard the following as the most important government sources of Cyber Threat Intelligence:
- The Defense Cyber Crime Center (DC3): Providing daily context on the cyber threat and incidents via newsletter and their Twitter feed. This report is human readable and digests important news and incident reports that can inform an organization’s strategic decision-making.
- US Computer Emergency Response Team (US-CERT): Responds to major incidents and analyzes threats. Shares information on vulnerabilities via alerts and announcements. Large body of tips and awareness items useful to your cyber threat intelligence program. Many of these reports are directly relevant for operational, day-to-day decision-making.
- European Union Agency for Network and Information Security (ENISA): Tremendous references, publications, media. Most of the reports provided by ENISA are supportive of operational level decisions, and all are of the highest quality.
- FBI Cyber Crime: News on latest cases plus testimony of FBI seniors to Congress on cybercrime topics. When the FBI provides information it has been vetted and is of the highest reliability.
- StopThinkConnect: Not much operational, but good background for the workforce. Striving to make cyber security understandable by people. Good tips for corporate and personal awareness programs. We strongly recommend this be part of any cyber threat intelligence program because it provides information that can be understood by anyone in the workforce.
- CERIAS Blog: This is from the Center for Education and Research in Information Assurance and Security. The CERIAS Blog provides context from highly regarded strategic thinkers like Gene Spafford and Sam Liles. Informative on threat potential, belongs on the reading list of cyber defenders in any enterprise.
We believe these six sources can contribute to your organization’s cyber intelligence program and will be supportive of your efforts to enhance your cyber security posture. There are many many other sources provided by governments and academia. Which others do you think we should review here? We would value your thoughts.