By the time you learn of business initiatives via SEC forms and OSINT, it's likely too late, but understanding these initiatives builds credibility when performing outreach to understand the risks to your business.
Organizations should learn from the common pitfalls encountered by peers to ensure they get the most out of their investment when incorporating threat intelligence into their security programs. Mistakes include not aligning threat intelligence efforts with strategic business goals, relying on poor or incomplete data sources, not involving senior executives, missing context in intelligence sources, and focusing too much on blocking commodity attacks. This paper discusses five key traps to avoid.
You will be trapped if you:
Lack a defined intelligence program and processes
Rely on inappropriate intelligence
Fail to identify executive suite as a key consumer
Believe raw threat data equates to threat intelligence