IT Security Champion: Cyber Threat Intel and Emerging Threats
Security is everyone's job — not solely the responsibility of the security department. Adopting a security culture and a security mindset is the foundation of being an effective IT securi...
This module introduces cyber threat intelligence (CTI) from the perspective of an IT administrator who is stepping into the role of an "IT security champion" — someone who is not a full-time security analyst, but who nonetheless has direct influence over the systems, logs, and controls that make threat intelligence actionable. It covers what threat intelligence is, why it matters to the business, the different levels at which intelligence operates, how that intelligence is gathered, how incident response phases work, the structure of the cyber kill chain, the MITRE ATT&CK framework and its supporting standards (TAXII and STIX), a hands-on look at the MITRE ATT&CK Navigator tool, and a set of good cyber hygiene practices that reinforce everything else in the module.
Threat intelligence, or "threat intel," is a collection of data that provides insight into threats and helps an organization defend, detect, and respond to attacks. It is not raw data by itself — it is data that has been processed and given context so that it becomes usable.
In short, good threat intelligence keeps the company operating and keeps attackers — and unauthorized eyes — out of the organization's data.
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
3 sections- 1 Table of Contents
- 2 Module 1: Cyber Threat Intelligence Fundamentals, Frameworks, and Emerging Threats
- 3 Summary
More Security Hot Takes & Threat Intel courses
View all 21Hot Takes: Inside a Microsoft Ransomware Attack
The Marks & Spencer incident is a textbook example of how modern ransomware operations succeed by targeting identity infrastructure and virtualization hosts rather than individual endpoin...
Security Hot Takes: The LastPass Breach
The LastPass breach is actually two distinct but connected security incidents, separated by several months, with confusing and inconsistent public communication from the company throughou...
Sandworm: Application Layer Protocol and Web Emulation
Command and control is the connective tissue of nearly every intrusion that progresses beyond initial access — without it, an attacker cannot issue commands, move laterally, or exfiltrate...
Security Hot Takes: SBOMs
security · hot · takes · sboms · threat · intel · networking · systems · sbom · bills · materials · concept · debate · mandate · software.
Security Hot Takes: The Aliquippa Water Breach
The Aliquippa Water Authority breach is a case study in how a basic, avoidable systems-integration failure — not a sophisticated exploit — can expose critical infrastructure to compromise...
Security Hot Takes: Are You Pen Testing AI Apps?
AI applications are not "just another web app," and treating them that way leaves organizations blind to an entire class of risk. Historical precedent — such as attackers reverse engineer...
Interested in this course?
Contact us to book it or get a custom training plan for your team.