Wilson Bautista Jr - Practical cyber intelligence how action-based intelligence can be an effective response to incidents

Copyright 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors), nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin George
Acquisition Editor: Heramb Bhavsar
Content Development Editor: Abhishek Jadhav
Technical Editor: Mohd Riyan Khan
Copy Editor: Safis Editing
Project Coordinator: Judie Jose
Proofreader: Safis Editing
Indexer: Rekha Nair
Graphics: Tom Scaria
Production Coordinator: Shantanu Zagade

First published: March 2018

Production reference: 1280318

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-78862-556-2

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

• Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

• Improve your learning with Skill Plans built especially for you

• Get a free eBook or video every month

• Mapt is fully searchable

• Copy and paste, print, and bookmark content

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.

At www.PacktPub.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Wilson Bautista Jr. is a retired military officer who is the Director of IT and InfoSec at i3 Microsystems. His expertise is in the domains of InfoSec leadership, policy, architecture, compliance, and risk. He holds multiple InfoSec and IT certifications as well as a master's degree in Information Systems from the Boston University. He's an INTP on the Myers-Brigg Type Indicator test with a Driver-Driver personality. As a practitioner of Agile and SecDevOps, he develops innovative, integrated, enterprise-scale cyber security solutions that provide high value to businesses.

I'd like to thank my family's (specifically my wife) support in allowing me to finish this book, my global information security colleagues who have provided me with friendship, mentorship, and perspective on culture and business communications, and all of the military personnel in my career that helped me get where I am today. Lastly, I would like to thank wine, beer, and coffee.

David J. Gallagher CISSP is a senior security consultant who specializes in security intelligence and data protection solutions. With over 25 years of experience in testing, development, and business analytics across multiple industries, he has led global teams and works across multiple business units to achieve common goals and improve development/quality assurance processes. He specializes in advanced emerging threats and vulnerabilities as a security researcher and has a strong interest in understanding the vulnerabilities and developing solutions for them.

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

When I was first asked to write this book, it was supposed to be about applying military targeting methodology to threat intelligence. However, when I started writing, I began to ask:

• How is threat intelligence beneficial to organizations?
• How can we create value from threat intelligence?

So, the topic began to change to something I believe that is missing in how we operate as IT organizations. Threat intelligence is worthless to organizations if it is not applicable to them. Once it becomes applicable to an organization, it has to be communicated to someone to take action on. It sounds so simple but when we look further, there are so many touch points with different parts of the organization and different processes between teams, that the topic eventually morphed into what I call cyber intelligence.

If you spend some time looking at the cyber security news on your social media, you can read about the latest exploitation, the need for more cyber security professionals, and how insecure we are. It feels like sensationalism and further drives paranoia of being labeled "the next victim" for senior leadership. How many times have we seen senior leadership step down because of a breach? Perhaps some breaches were due to neglect, but I'm keen to think that we (collectively) are riddled with archaic and bureaucratic business processes that do not allow flexibility for decentralized decision making.