CM-CTI LEVEL 1.0: INITIAL
“What’s a requirement?”
The small company you work for as an IT guy just went gangbusters and grew into a huge enterprise overnight. The new CISO tells you you’re in charge of Threat Intel before heading out to play golf with the rest of the C-Suite for the weekend.
The SOC analysts start pummeling you with emails at all hours of the day asking if the attached IOCs are bad.
You start your mornings listening to Darknet Diaries and CyberWire Daily on the way to work before furiously reading through the last 24 hours of security news coverage and saving anything that sounds cool before standup.
Management’s never even heard of “CTI”, so you’ve got no budget to work with. You rely on free, open source tools and save all your spreadsheets, powerpoints, and reports to a folder on your desktop called “intel”.
Everyone corresponds via Outlook, 1-hour meetings, or carrier pigeon.
