Threat intelligence is the knowledge of the capabilities, resources, motives, and goals of potential security threats to an organization and the application of this knowledge in protecting against security breaches and data theft.
Threat intelligence is a continually evolving process that involves identifying potential security threat actors, understanding their motives and likely avenues for compromising security, and implementing policies and processes that prevent threat actors from compromising an organization as well as limiting the amount of damage they can cause if they are able to breach security.
The Continually Evolving Threat Intelligence Cycle Process
Because threat actors never stop developing and testing new techniques for their cyberattacks, threat intelligence is an on-going, circular process or cycle rather than an end-to-end process. As such, the threat intelligence cycle involves a continual process of planning, implementing, analyzing, optimizing and refining security data collection to better identify all of the following (and more):
Image Source: Accenture.com
Why Is Threat Intelligence Important?
The goal of the cyber threat intelligence process is to produce threat intelligence reports and insight that can be analyzed by corporate security or third-party security intelligence services to implement and/or improve automated security software as well as increase employee knowledge of potential security attacks on the company.
Overall, threat intelligence is designed to keep an organization, its security staff, and all of its employees informed of the security risks the company faces and how best to protect against these threats as well as new ones likely to emerge.