[1][2] It provides organizations with the insights necessary to anticipate, prevent, and respond to cyberattacks by understanding the behavior of threat actors, their tactics, and the vulnerabilities they exploit.
This puts companies on a more proactive front, actively trying to find their vulnerabilities and preventing hacks before they happen.
Then, once directed by the client, the second phase begins, collection, which involves accessing the raw information that will be required to produce the finished intelligence product.
[21] Multiple efforts[22][23][24] in threat intelligence emphasize understanding adversary TTPs to tackle these issues.
This act required the U.S. federal government to facilitate and promote four CTI objectives:[32] In 2016, the U.S. government agency National Institute of Standards and Technology (NIST) issued a publication (NIST SP 800-150) which further outlined the necessity for Cyber Threat Information Sharing as well as a framework for implementation.