2.1 Given a scenario, perform threat management activities.

Intelligence types

 Tactical

  Commodity malware

 Strategic

  Targeted attacks

 Operational

  Threat hunting
  Threat emulation

Actor types

 Advanced persistent threat (APT)/nation-state

 Insider threat

 Competitor

 Hacktivist

 Script kiddie

 Organized crime

Threat actor properties

 Resource

  Time
  Money

 Supply chain access

 Create vulnerabilities

 Capabilities/sophistication

 Identifying techniques

Intelligence collection methods

 Intelligence feeds

 Deep web

 Proprietary

 Open-source intelligence (OSINT)

 Human intelligence (HUMINT)

Frameworks

 MITRE Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK)

  ATT&CK for industrial control system (ICS)

 Diamond Model of Intrusion Analysis

 Cyber Kill Chain