How do organizations across the United States perform cyber intelligence? A new report from the Software Engineering Institute (SEI) reveals what we’re getting right, where we could improve, and what the future looks like.
In 2018, researchers at the Carnegie Mellon University SEI set out to answer those questions. In a study commissioned by the U.S. Office of the Director of National Intelligence, we conducted in-person interviews with 32 organizations across sectors including commercial facilities, the defense industrial base, financial services, government facilities, healthcare and public health, information technology, and transportation systems. The study report was published in May 2019 and is available for download at https://resources.sei.cmu.edu/asset_files/EducationalMaterial/2019_011_001_546590.pdf.
We based our interviews on the Cyber Intelligence Framework, which we developed during a prior study in 2013. The framework is rooted in the U.S. government’s traditional intelligence cycle and provides a structure for cyber intelligence efforts. We asked organizations about their practices related to each component of the framework:
In analyzing interviewee responses, we identified a number of best practices that can help organizations of all sizes and levels of capability improve their performance:
For more best practices to include actionable steps that can help your organization improve its performance, read the full report at https://resources.sei.cmu.edu/asset_files/EducationalMaterial/2019_011_001_546590.pdf.
During the RH-ISAC’s July Cyber Thursday on July 25, 2019, study lead Jared Ettinger, machine learning research scientist Ritwik Gupta, and cyber security engineer Geoff Dobson will provide insights from the report and practical recommendations for implementing machine learning and cyber threat frameworks for cyber intelligence. This webinar is open to all RH-ISAC Core members and retail and hospitality cybersecurity practitioners eligible for membership. Email firstname.lastname@example.org for registration information.
The Software Engineering Institute is a federally funded research and development center (FFRDC) that works with defense and government organizations, industry, and academia to advance the state of the art in software engineering and cybersecurity to benefit the public interest. Part of Carnegie Mellon University, the SEI is a national resource in pioneering emerging technologies, cybersecurity, software acquisition, and software lifecycle assurance.
Copyright 2019 Carnegie Mellon University. All Rights Reserved. This material is based upon work funded and supported by the Department of Defense under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. The view, opinions, and/or findings contained in this material are those of the author(s) and should not be construed as an official Government position, policy, or decision, unless designated by other documentation.
NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
[DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution.
Internal use:* Permission to reproduce this material and to prepare derivative works from this material for internal use is granted, provided the copyright and “No Warranty” statements are included with all reproductions and derivative works.
External use:* This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other external and/or commercial use. Requests for permission should be directed to the Software Engineering Institute at email@example.com.
* These restrictions do not apply to U.S. government entities.
Carnegie Mellon® is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University. DM19-0676