What is Cyber-intelligence and what is it used for?
This is a question that is usually asked by security, cyber-security and intelligence professionals. Cyber-intelligence is a hybrid concept between these three worlds and professional fields, and therefore it is an opportunity and a necessity to know what it is and what it is for.
In the current context of advanced cyberthreats employed by criminal groups, terrorists and hacktivists, whether politically or economically motivated, businesses and institutions need to have professionals with training and skills in cyberintelligence to strengthen their cybersecurity strategy.
This is why we explain in this article:
How does cyber-intelligence arise?
What is it and what is it for?
Why do businesses and public institutions need cyber-intelligence?
How does Cyber-intelligence arise?
In recent years, the Internet and ICT (Information and Communication Technologies) have become part of our daily activities, integrating in such a way that they facilitate the day-to-day running of practically any type of task. Moreover, they contribute in a decisive way to the current development of our society.
Digital technology and various forms of communication are becoming increasingly important for individuals and most sectors, both public and private. The generalisation of the use of ICTs by society implies the emergence of new challenges and uncertainties for security in the international arena.
With the development of new technologies, there has also been a parallel development of criminal activity, causing traditional forms of crime to be overtaken by cybercrime as the new typical crime. Organized crime, like any other business, seeks profit and, to that end, seeks the opportunities offered by the growing and massive digitalization of our lives.
Among these challenges and threats are the so-called cyberthreats. The cyberthreats have taken on such specific weight and importance that they have generated the need to create new security strategies to establish the new priorities that we will have to face in cyberspace and thus define the cybersecurity strategies. It is no longer a necessity of the future, it is an obligation of the present.
Such cybersecurity strategies reinforce the importance of cyberspace as a scenario for dealing with new challenges and threats. The increased use of and dependence on new technologies by states generates greater vulnerabilities and weaknesses, which will be exploited both by organized crime and terrorist groups, as well as by other foreign powers through hybrid warfare.
Cyberspace is considered as a new strategic dimension, a fifth domain, formed by ICTs, networks and information systems, as well as the infrastructures that support telecommunications, causing that borders no longer exist, promoting a great globalization, with its challenges and opportunities, both for national and international institutions, as well as for individuals and multinationals. Hence the existence and importance of National Cybersecurity Strategies.
In this new context, the emergence of a new dimension that facilitates social interactions, both for individuals, companies and organizations, presents new challenges and dangers. Therefore, they must be analyzed from a different perspective, from cybersecurity, or what is the same, security in cyberspace.
This is where the concept of cyber-intelligence comes in, which, supported by cybersecurity and intelligence, helps to manage and understand these risks and threats, and once they are known, to articulate a series of strategies that enable detection, prevention, defence, analysis and research.
What is Cyber-intelligence?
That said, what is cyber-intelligence? We are used to receiving information about the risks that we are exposed to in cyberspace and the relevance that cyber security is taking in our lives, as well as multiple news about cyber criminals (hacking, information leaks, identity theft and other attacks), but we do not usually talk about cyber intelligence.
The Center for Emerging Technologies at Carnegie Mellon University defines cyber-intelligence as
"The acquisition and analysis of information to identify, track, and predict cyber capabilities, intentions, and activities that support decision making."
This definition, applied to the cyberworld, unlike traditional intelligence, implies that Analysts must have a minimum technical knowledge to understand the structure and modus operandi of the cyberactors that will be found in cyberspace. In addition to mastering the procedures implicit in traditional intelligence analysis, both operational, tactical and strategic.
We must understand cyber-intelligence as intelligence applied to computing or cyberspace. It is important to remember that intelligence is the basis of cyber-intelligence, so to get into it we must first know properly what intelligence is and what its practical application is at the professional level, so that we can apply it effectively at the cyber level.
Unlike the traditional model, in the cyber model the interrelations between the different phases of the Intelligence Cycle are constant and sometimes without an established order, in order to respond to the needs of each moment.
Why do businesses and public institutions need cyber-intelligence?
We can see how there is a great typology of approaches to address cyber-intelligence, either from the field of business organizations as well as government, since there is no standard to homogenize the methodology of information collection, data or software to be used.
Currently, organizations seek with cyberintelligence to achieve a balance between protecting the perimeter of their networks and the need to advance in the search for strategic knowledge, causing a division of cyberintelligence analysis in two complementary phases. These phases will use different procedures and methodologies:
1. Technical analysis
By technical analysis, we mean analysis conducted by analysts to gather the necessary data, both from the physical system and from the working environment, to obtain an improvement in cybersecurity, or as a response to a security incident or attack, gathering data or indications that will help us to respond and understand "what has happened" and "how and when" it has occurred. Knowing how to choose and analyse the sources of information is essential to make the results as reliable as possible.
2. Strategic analysis
It is in this phase that analysts must seek answers to "who is responsible" for the attack or incident, and "why" it has occurred, using the data obtained in the previous subphase, providing a context and strategic focus for those responsible to support their decisions.Infographic vector created by pikisuperstar - www.freepik.com
Web Developer, Blogger, Creative Thinker, Social media enthusiast, Italian expat in Spain, mom of little 9 years old geek, founder of @manoweb. A strong conceptual and creative thinker who has a keen interest in all things relate to the Internet. A technically savvy web developer, who has multiple years of website design expertise behind her. She turns conceptual ideas into highly creative visual digital products.
The ultimate cybersecurity checklist for programmers
In today's digital age, cybersecurity has become an essential concern for programmers. With cyber threats on the rise, it is crucial for programmers to adopt robust security practices to protect…
Network attacks and how to avoid them
Nowadays it is impossible to list all the different types of attacks that can be carried out on a network, as in the world of security this varies continuously. We…
6 Best Alternative Privacy Focused Browsers in 2021
In today's article we take a look at free private browsers which are relevant in 2021. We will compare their advantages and disadvantages, specs, etc. Let's get into it. What are alternative…
Security of Internet providers: can we trust it?
This year has been a time of many changes. Now, more people are connected to the Internet through their home routers for teleworking, shopping, or leisure. This is where the…
Brief History of Biometric Authentication
These days, biometric authentication seems to be part of every little gadget or device we use. You’ve no doubt used it when logging onto your laptop, your tablet, or your…
A beginner’s guide to software vulnerabilities
What are software vulnerabilities The number of devices connected to the Internet is growing every day. And among those devices we find not only computers and smartphones, but also an ever-rising…
The BleedingTooth vulnerability and other Bluetooth security risks
Have you ever heard of BleedingTooth? And we do not mean the really disturbing looking mushroom which goes by this name and is totally real (we double checked) but one of…
Network and port scanning with Zenmap
This article goes out to all the computer nerds who are, when it comes to networking, more on the noob-side of the crowd. It does not have to be complicated…
Google Dorks: How to find interesting data and search like hacker
Go the words Google and Hacking together? Well if you thought that we will learn how to use hack Google, you might be wrong. But we can Use Google search engine…
How to block any website with a password from your browser
We are going to explain how to block any website with a password from your browser, and for this purpose we are going to use an extension called Block Site.…
Double VPN: what it is and how it works
Privacy on the web is a very important factor for users and there are more and more tools to help us maintain it. Without a doubt VPN services have had…
How to securely access the Dark Web in 15 steps. Second part
Let's continue with the 2nd part of our article in which we try to give you some advice on how to safely and securely explore the dark web. Let's restart from…