Why Cyberthreat Intelligence Analysis?
On the question of how artificial intelligence (AI) can enhance cybersecurity, Dudu Mimran, chief technology officer (CTO) at Telekom Innovation Laboratories in Israel, suggests a two-fold approach: first, build a global intelligence network for tracking threats across different geographies; second, fund ongoing research to help improve and preserve data privacy.
Juniper Research forecasts cyber-crime to be worth $2.1 trillion by 2019. Gartner’s research predicts that spending on cybersecurity will hit $96 billion in 2018, and only increase thereafter. Cybersecurity Ventures says global spending on cybersecurity will exceed $1 trillion cumulatively between 2017 and 2021. Reports from various sectors show that data breaches recur time and again.
The UK National Cyber Security Centre (NCSC) reported over 1000 cyberattacks in its first year of operation, with nearly 600 being classified as significant. An increase in the rate of cybercrime is also expected to bring in its trail job openings for 3.5 million unfilled cybersecurity positions by 2021. Enter Cyberthreat Intelligence Analysts!
The Demand for Cyberthreat Intelligence Analysts
Cyberthreat Intelligence Analysts have been predicted to be the protectors of our assets in Cyberspace. They know the what, why, and how of all security issues. They are the qualified next-generation security consultants whom organizations are hiring to detect the nature of security issues impeding their work and how to appropriately counter impending threats.
On one hand, the large volume of digital data collected through electronic, human, internal, and external sources of an organization should be sorted, grouped, and analyzed. On the other hand, the conditions or the circumstances that make an organization vulnerable to threats also need a closer look.
What is RCIA?
Upon completion of the program, the student becomes a Rocheston Certified Cyberthreat Intelligence Analyst (RCIA). The program gives the student a detailed overview of the techniques by which cyber intelligence can be gathered, sorted, and analyzed. Some of the top threats that an RCIA will be made familiar with include:
- Password Cracking
- Virus or trojans
Students will also be acquainted with new-age cybersecurity solutions proposed by giants. For instance, IBM Watson’s AI has made a breakthrough in rapid processing of threat data from several incidents of a security breach.
Google’s new cybersecurity company Chronicle will focus on detecting threats by analyzing and storing data generated by large enterprises. With Google infrastructure support, Chronicle is expected to detect threats faster and at a broader scale than existing systems. Chronicle CEO Stephen Gillett says Chronicle will provide “planet-scale” security analytics, combining Google’s existing artificial intelligence, machine learning, infrastructure, and “near limitless compute” capabilities.
Students also get a peek into how Big Data and Artificial Intelligence help gather cyber threat intelligence and the ways in which Machine Learning techniques help capture intelligence.
Benefits of Gathering Threat Intelligence
- Providing information that links the probability and impact of a cyber attack
- Developing a framework for timely analysis and prioritization of potential threats and vulnerabilities given an industry’s threat landscape
- Applying intelligence techniques to the aggregation and analysis of contextual and situational risks
- Taking corrective actions upon indicators of attack, especially in the defense and space technology sectors associated with nations’ security
- Developing a strong defense against threat actors’ Tactics, Techniques, and Procedures (TTPs) using advanced threat modeling
- Managing operational security systems such as Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) systems, which generate threat intelligence inputs based on the industry
- Breaking the cyber-attack lifecycle perpetrated by other nations, that can be via a threat concept known as Advanced Persistent Threat (APT)
Who Will Use RCIA
Organizations hire cyber threat intelligence analysts to identify potential risks and threats in the digital space. Individuals looking to be engaged as professionals in digital forensics or critical infrastructure will benefit enormously from the program. Across industries all over the world, the intelligence analyst will be the man or woman of the hour in the next few years!
Skills You Will Learn as a RCIA
Cyberthreat Intelligence analysts assist decision-makers in building the right checks and controls that a system requires.
The broad outline of the evaluation they follow to assist organizations to take control of their security can be recounted as:
- Strategic intelligence for providing suggestions about the tools that can be useful for defending any threats specific to the domain.
- It identifies and assesses malicious domains, and those with a low reputation while gathering information from the internet.
- Operational intelligence for providing suggestions on how to respond to specific incidents or events.
- Tactical intelligence for providing real-time investigations and day-to-day operational support.
The modules that are part of the RCIA theory courses:
- Module 1: Why Threat Intelligence
- Module 2: What is Threat Intelligence
- Module 3: Threat Detection Platform
- Module 4: Security Operations
- Module 5: Threat Intelligence Platform
- Module 6: Threat Intelligence and Its Relationship to Incident Response
- Module 7: Reports and Feeds
- Module 8: Threat Intelligence in Vulnerability Administration
- Module 9: Threat Intelligence for Security Leaders
- Module 10: Threat Intelligence for Risk Evaluation
- Module 11: Threat Intelligence for Fraud Prevention
- Module 12: Threat Intelligence Analytical Frameworks
- Module 13: The Threat Intelligence Journey
- Module 14: Developing the Foundational Threat Intelligence Team
- Module 15: Intrusion Analysis
- Module 16: The Kill Chain Course of Action
- Module 17: The Kill Chain Deep Dive
- Module 18: Managing Multiple Kill Chains
- Module 19: Malware Collection Sources
- Module 20: Collection Sources (Domains)
- Module 21: Collection Sources (External Datasets)
- Module 22: Collection Sources (TLS Certificates)
- Module 23: Exploitation (Storing and Structuring Data)
- Module 24: Analysis of And Distribution of Intelligence
- Module 25: Tactical Dissemination
- Module 26: Operational Dissemination
- Module 27: Fallacies of Logic / Cognitive Biases
- Module 28: Strategic Dissemination
- Module 29: Fine-Tuning of Analysis
- Module 30: Attribution
- Module 31: Hunting
- Module 32: Features Extraction
- Module 33: Behavior Extraction
- Module 34: Correlation and Clustering
- Module 35: Penetration Testing
- Module 36: Understanding Real Threats and Case Studies
- Ethical Hackers
- Security Practitioners
- SOC Professionals
- Malware Analysts
- Digital Forensic Analysts
- Information security professionals specializing in cyber threat intelligence knowledge
In the RCIA program you will learn to:
- Provide information that links the probability and impact of a cyber-attack
- Develop a framework for timely analysis and prioritization of potential threats and vulnerabilities given an industry’s threat landscape
- Apply intelligence techniques to the aggregation and analysis of contextual and situational risks
- Take corrective actions upon indicators of attack, especially in the defense and space technology sectors associated with nations’ security
- Develop a strong defense against threat actors’ Tactics, Techniques, and Procedures (TTPs) using advanced threat modeling
- Manage operational security systems such as Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) systems, which generate threat intelligence inputs based on the industry
- Break the cyber-attack lifecycle perpetrated by other nations, that can be via a threat concept known