What is Cyber-intelligence and what is it used for?
This is a question that is usually asked by security, cyber-security and intelligence professionals. Cyber-intelligence is a hybrid concept between these three worlds and professional fields, and therefore it is an opportunity and a necessity to know what it is and what it is for.
In the current context of advanced cyberthreats employed by criminal groups, terrorists and hacktivists, whether politically or economically motivated, businesses and institutions need to have professionals with training and skills in cyberintelligence to strengthen their cybersecurity strategy.
This is why we explain in this article:
How does cyber-intelligence arise?
What is it and what is it for?
Why do businesses and public institutions need cyber-intelligence?
How does Cyber-intelligence arise?
In recent years, the Internet and ICT (Information and Communication Technologies) have become part of our daily activities, integrating in such a way that they facilitate the day-to-day running of practically any type of task. Moreover, they contribute in a decisive way to the current development of our society.
Digital technology and various forms of communication are becoming increasingly important for individuals and most sectors, both public and private. The generalisation of the use of ICTs by society implies the emergence of new challenges and uncertainties for security in the international arena.
With the development of new technologies, there has also been a parallel development of criminal activity, causing traditional forms of crime to be overtaken by cybercrime as the new typical crime. Organized crime, like any other business, seeks profit and, to that end, seeks the opportunities offered by the growing and massive digitalization of our lives.
Among these challenges and threats are the so-called cyberthreats. The cyberthreats have taken on such specific weight and importance that they have generated the need to create new security strategies to establish the new priorities that we will have to face in cyberspace and thus define the cybersecurity strategies. It is no longer a necessity of the future, it is an obligation of the present.
Such cybersecurity strategies reinforce the importance of cyberspace as a scenario for dealing with new challenges and threats. The increased use of and dependence on new technologies by states generates greater vulnerabilities and weaknesses, which will be exploited both by organized crime and terrorist groups, as well as by other foreign powers through hybrid warfare.
Cyberspace is considered as a new strategic dimension, a fifth domain, formed by ICTs, networks and information systems, as well as the infrastructures that support telecommunications, causing that borders no longer exist, promoting a great globalization, with its challenges and opportunities, both for national and international institutions, as well as for individuals and multinationals. Hence the existence and importance of National Cybersecurity Strategies.
In this new context, the emergence of a new dimension that facilitates social interactions, both for individuals, companies and organizations, presents new challenges and dangers. Therefore, they must be analyzed from a different perspective, from cybersecurity, or what is the same, security in cyberspace.
This is where the concept of cyber-intelligence comes in, which, supported by cybersecurity and intelligence, helps to manage and understand these risks and threats, and once they are known, to articulate a series of strategies that enable detection, prevention, defence, analysis and research.
What is Cyber-intelligence?
That said, what is cyber-intelligence? We are used to receiving information about the risks that we are exposed to in cyberspace and the relevance that cyber security is taking in our lives, as well as multiple news about cyber criminals (hacking, information leaks, identity theft and other attacks), but we do not usually talk about cyber intelligence.
The Center for Emerging Technologies at Carnegie Mellon University defines cyber-intelligence as
"The acquisition and analysis of information to identify, track, and predict cyber capabilities, intentions, and activities that support decision making."
This definition, applied to the cyberworld, unlike traditional intelligence, implies that Analysts must have a minimum technical knowledge to understand the structure and modus operandi of the cyberactors that will be found in cyberspace. In addition to mastering the procedures implicit in traditional intelligence analysis, both operational, tactical and strategic.
We must understand cyber-intelligence as intelligence applied to computing or cyberspace. It is important to remember that intelligence is the basis of cyber-intelligence, so to get into it we must first know properly what intelligence is and what its practical application is at the professional level, so that we can apply it effectively at the cyber level.
Unlike the traditional model, in the cyber model the interrelations between the different phases of the Intelligence Cycle are constant and sometimes without an established order, in order to respond to the needs of each moment.
Why do businesses and public institutions need cyber-intelligence?
We can see how there is a great typology of approaches to address cyber-intelligence, either from the field of business organizations as well as government, since there is no standard to homogenize the methodology of information collection, data or software to be used.
Currently, organizations seek with cyberintelligence to achieve a balance between protecting the perimeter of their networks and the need to advance in the search for strategic knowledge, causing a division of cyberintelligence analysis in two complementary phases. These phases will use different procedures and methodologies:
1. Technical analysis
By technical analysis, we mean analysis conducted by analysts to gather the necessary data, both from the physical system and from the working environment, to obtain an improvement in cybersecurity, or as a response to a security incident or attack, gathering data or indications that will help us to respond and understand "what has happened" and "how and when" it has occurred. Knowing how to choose and analyse the sources of information is essential to make the results as reliable as possible.
2. Strategic analysis
It is in this phase that analysts must seek answers to "who is responsible" for the attack or incident, and "why" it has occurred, using the data obtained in the previous subphase, providing a context and strategic focus for those responsible to support their decisions.Infographic vector created by pikisuperstar - www.freepik.com
Web Developer, Blogger, Creative Thinker, Social media enthusiast, Italian expat in Spain, mom of little 6 years old geek, founder of @manoweb. A strong conceptual and creative thinker who has a keen interest in all things relate to the Internet. A technically savvy web developer, who has multiple years of website design expertise behind her. She turns conceptual ideas into highly creative visual digital products.
This article goes out to all the computer nerds who are, when it comes to networking, more on the noob-side of the crowd. It does not have to be complicated…
Go the words Google and Hacking together? Well if you thought that we will learn how to use hack Google, you might be wrong. But we can Use Google search engine…
We are going to explain how to block any website with a password from your browser, and for this purpose we are going to use an extension called Block Site.…
Privacy on the web is a very important factor for users and there are more and more tools to help us maintain it. Without a doubt VPN services have had…
Let's continue with the 2nd part of our article in which we try to give you some advice on how to safely and securely explore the dark web. Let's restart from…
The dark web can be a pretty dangerous place if you don't take the right precautions. You can stay relatively safe with a good antivirus and a decent VPN. However,…
Most of the actions you take online are not as private as you might imagine. Nowadays, countless people and groups try to follow our online behaviour as closely as possible. Our…
As we have said, it is a market often at the borders of legality, also because these devices are particularly used by criminals. Some models, however, are also available through…
The so-called cryptophones, are anti-interception smartphones as they use encryption methods to protect all communication systems. Here are all the details and the truth about these "unassailable" phones. The recent Encrochat affair,…
The COVID-19 pandemic has radically changed the rules of the game for most companies and individuals in a very short time; it has also changed the international computing universe. Sudden…
Every day our smartphones suffer attacks, viruses, malware and information theft. In this article you will be able to deduce if you need a VPN in your mobile phone to…
We have not learned and we still use passwords that are extremely easy to hack and vulnerable to cyber attacks. If you don't want your credentials to end up in…