This is a C-suite level report, it is important that you incorporate the most important points and ideas in a clear, concise, and polished fashion.
Your final Cyber Threat Intelligence Plan should draw from following assignments and the feedback provided by your instructor:
- Your cyber threat intelligence presentation created in Module 1, clearly defining cyber threat intelligence.
- Your business case analysis of cyber threat intelligence tools created in Module 2.
- Your adversarial assessment created in Module 3, specifically focusing upon a competitor you believe would be relevant to the company.
- Your initial Cyber Threat Intelligence Plan (CTIP) created in Module 4, with your thoughts on what specific risks your company may face now and in the future.
- Your post-mortem of the Equifax attack created in Module 5, utilizing the Cyber Kill Chain methodology to understand how attacks occur.
- Your detailed case studies created in Module 6, outlining important post-mortem discussion points of two high profile cyber attacks.
Assignment: a comprehensive Cyber Threat Intelligence Plan and a 10- to 15-minute executive level presentation about that plan to C-level staff.
The Cyber Threat Intelligence Plan will include the following elements:
- An executive summary providing a brief overview of the entire plan.
- A visual representation of the threats, threat actors and methods of delivery for the company you have chosen. This could be either be tables, charts and/or flowcharts with definitions, descriptions and sources (refer to your Module 4 assignment).
- Risk reduction plan, outlining your suggestions for risk mitigation. This plan should incorporate the SMART elements: Specific, Measurable, Achievable, Realistic, and Timely (refer to the Module 4 and 5 assignments).
- Specific elements relating to the threat risk, the actors, the delivery method and the mitigation suggestions that need to be highlighted for the executive staff, paying particular attention to the role of the individual(s) you are briefing.