or Module 7, you will bring all of the work you have done in this course together for a comprehensive Cyber Threat Intelligence Plan, and final proposal for your business/organization, using work that reaches back to Module 1. You have already completed extensive research about the nature of intelligence, the intelligence needs of your business/organization, assessed potential threats, and performed case studies of recent events in order to gain insight into protecting your own organization. It is now time to bring it all together into a final proposal that you would present to your C-suite for a decision.
Because this is a C-suite level report, it is important that you incorporate the most important points and ideas in a clear, concise, and polished fashion.
Your final Cyber Threat Intelligence Plan should draw from following assignments and the feedback provided by your instructor:
- Your cyber threat intelligence presentation created in Module 1, clearly defining cyber threat intelligence.
- Your business case analysis of cyber threat intelligence tools created in Module 2.
- Your adversarial assessment created in Module 3, specifically focusing upon a competitor you believe would be relevant to the company.
- Your initial Cyber Threat Intelligence Plan (CTIP) created in Module 4, with your thoughts on what specific risks your company may face now and in the future.
- Your post-mortem of the Equifax attack created in Module 5, utilizing the Cyber Kill Chain methodology to understand how attacks occur.
- Your detailed case studies created in Module 6, outlining important post-mortem discussion points of two high profile cyber attacks.
There are two parts to this assignment: a comprehensive Cyber Threat Intelligence Plan and a 10- to 15-minute executive level presentation about that plan to C-level staff.
Part 1: The Cyber Threat Intelligence Plan will include the following elements:
- An executive summary providing a brief overview of the entire plan.
- A visual representation of the threats, threat actors and methods of delivery for the company you have chosen. This could be either be tables, charts and/or flowcharts with definitions, descriptions and sources (refer to your Module 4 assignment).
- Risk reduction plan, outlining your suggestions for risk mitigation. This plan should incorporate the SMART elements: Specific, Measurable, Achievable, Realistic, and Timely (refer to the Module 4 and 5 assignments).
Part 2: The presentation must be clear and succinct in relaying information and include the following elements:
- No less than 10 and no more than 15 minutes in length.
- Specific elements relating to the threat risk, the actors, the delivery method and the mitigation suggestions that need to be highlighted for the executive staff, paying particular attention to the role of the individual(s) you are briefing.
- Your presentation must be narrated.
- Your presentation must be converted to an .mp4 video file and uploaded to YouTube or Vimeo, submitting the link to your instructor for viewing.