What is Cyber-intelligence and what is it used for?
This is a question that is usually asked by security, cyber-security and intelligence professionals. Cyber-intelligence is a hybrid concept between these three worlds and professional fields, and therefore it is an opportunity and a necessity to know what it is and what it is for.
In the current context of advanced cyberthreats employed by criminal groups, terrorists and hacktivists, whether politically or economically motivated, businesses and institutions need to have professionals with training and skills in cyberintelligence to strengthen their cybersecurity strategy.
This is why we explain in this article:
How does cyber-intelligence arise?
What is it and what is it for?
Why do businesses and public institutions need cyber-intelligence?
How does Cyber-intelligence arise?
In recent years, the Internet and ICT (Information and Communication Technologies) have become part of our daily activities, integrating in such a way that they facilitate the day-to-day running of practically any type of task. Moreover, they contribute in a decisive way to the current development of our society.
Digital technology and various forms of communication are becoming increasingly important for individuals and most sectors, both public and private. The generalisation of the use of ICTs by society implies the emergence of new challenges and uncertainties for security in the international arena.
With the development of new technologies, there has also been a parallel development of criminal activity, causing traditional forms of crime to be overtaken by cybercrime as the new typical crime. Organized crime, like any other business, seeks profit and, to that end, seeks the opportunities offered by the growing and massive digitalization of our lives.
Among these challenges and threats are the so-called cyberthreats. The cyberthreats have taken on such specific weight and importance that they have generated the need to create new security strategies to establish the new priorities that we will have to face in cyberspace and thus define the cybersecurity strategies. It is no longer a necessity of the future, it is an obligation of the present.
Such cybersecurity strategies reinforce the importance of cyberspace as a scenario for dealing with new challenges and threats. The increased use of and dependence on new technologies by states generates greater vulnerabilities and weaknesses, which will be exploited both by organized crime and terrorist groups, as well as by other foreign powers through hybrid warfare.
Cyberspace is considered as a new strategic dimension, a fifth domain, formed by ICTs, networks and information systems, as well as the infrastructures that support telecommunications, causing that borders no longer exist, promoting a great globalization, with its challenges and opportunities, both for national and international institutions, as well as for individuals and multinationals. Hence the existence and importance of National Cybersecurity Strategies.
In this new context, the emergence of a new dimension that facilitates social interactions, both for individuals, companies and organizations, presents new challenges and dangers. Therefore, they must be analyzed from a different perspective, from cybersecurity, or what is the same, security in cyberspace.
This is where the concept of cyber-intelligence comes in, which, supported by cybersecurity and intelligence, helps to manage and understand these risks and threats, and once they are known, to articulate a series of strategies that enable detection, prevention, defence, analysis and research.
What is Cyber-intelligence?
That said, what is cyber-intelligence? We are used to receiving information about the risks that we are exposed to in cyberspace and the relevance that cyber security is taking in our lives, as well as multiple news about cyber criminals (hacking, information leaks, identity theft and other attacks), but we do not usually talk about cyber intelligence.
The Center for Emerging Technologies at Carnegie Mellon University defines cyber-intelligence as
"The acquisition and analysis of information to identify, track, and predict cyber capabilities, intentions, and activities that support decision making."
This definition, applied to the cyberworld, unlike traditional intelligence, implies that Analysts must have a minimum technical knowledge to understand the structure and modus operandi of the cyberactors that will be found in cyberspace. In addition to mastering the procedures implicit in traditional intelligence analysis, both operational, tactical and strategic.
We must understand cyber-intelligence as intelligence applied to computing or cyberspace. It is important to remember that intelligence is the basis of cyber-intelligence, so to get into it we must first know properly what intelligence is and what its practical application is at the professional level, so that we can apply it effectively at the cyber level.
Unlike the traditional model, in the cyber model the interrelations between the different phases of the Intelligence Cycle are constant and sometimes without an established order, in order to respond to the needs of each moment.
Why do businesses and public institutions need cyber-intelligence?
We can see how there is a great typology of approaches to address cyber-intelligence, either from the field of business organizations as well as government, since there is no standard to homogenize the methodology of information collection, data or software to be used.
Currently, organizations seek with cyberintelligence to achieve a balance between protecting the perimeter of their networks and the need to advance in the search for strategic knowledge, causing a division of cyberintelligence analysis in two complementary phases. These phases will use different procedures and methodologies:
1. Technical analysis
By technical analysis, we mean analysis conducted by analysts to gather the necessary data, both from the physical system and from the working environment, to obtain an improvement in cybersecurity, or as a response to a security incident or attack, gathering data or indications that will help us to respond and understand "what has happened" and "how and when" it has occurred. Knowing how to choose and analyse the sources of information is essential to make the results as reliable as possible.
2. Strategic analysis
It is in this phase that analysts must seek answers to "who is responsible" for the attack or incident, and "why" it has occurred, using the data obtained in the previous subphase, providing a context and strategic focus for those responsible to support their decisions.Infographic vector created by pikisuperstar - www.freepik.com
Web Developer, Blogger, Creative Thinker, Social media enthusiast, Italian expat in Spain, mom of little 6 years old geek, founder of @manoweb. A strong conceptual and creative thinker who has a keen interest in all things relate to the Internet. A technically savvy web developer, who has multiple years of website design expertise behind her. She turns conceptual ideas into highly creative visual digital products.
DNS services are essential for web browsing. However, it is one of the most vulnerable to attacks. This guide will detail the most dangerous DNS attacks and some actions that…
You can't access your Instagram account. The cybercriminal who probably hacked your profile changed your password. Now what? What to do now? First try to stay calm: unfortunately these things can…
You've probably heard of the Dark Web before, but do you really know what the Dark Web is, or what it consists of? Do you know its risks? Which users use…
In this context of the electoral campaign in which we are immersed, the 'political hoaxes' are becoming more relevant and it is expected that attacks to destabilize the parties and…
The general recommendation does not change: Anyone interested in entering the Deep Web will get a more complete and secure experience by downloading a copy of the Tor Browser, and…
Over the past two decades, web applications as an alternative to traditional desktop application have been on to rise. As their name suggests, they are installed on web servers and accessed…
When you install an application on your smartphone, you decide what permissions you give it, but it's not always clear. We tell you how to know if those permissions are…
How to enable DoH in Chrome, Firefox, and Edge to prevent your ISP from knowing which sites you visit
Maybe you haven't heard of DoH, the new security standard in Firefox, Chrome and other browsers that prevents your Internet provider from spying on the sites you visit. Let's see…
Privacy is increasingly demanded in the context of global society. Contributing to this are the notorious cases of massive infiltration and security breaches that have ended up filtering users' private…
It can seem that not a day goes by when we don’t hear of some new hacking case or people who have had their sensitive date compromised via the internet.…
Despite all the security flaws, data leaks or privacy risks, the vast majority of people still use things like "123456" for their password. Darlings, it's time to take security a little…
The internet is a fantastic place to learn, engage, and connect with people across the globe. From browsing social media to performing critical work tasks, the internet has become a…