• Online, Instructor-Led

The relative priority an intelligence requirement is assigned should reflect the criticality of the decision it is intended to support. Simply put, some decisions are more critical than others. For instance, the identification of a new threat actor without clear understanding of the actor’s capabilities or even if they may see Your organization as a target is less of a priority than an existing threat actor known to target your organization with new methods of infiltration and a change in intent from espionage to sabotage in the form of disk wiping.
Of note: intelligence collection, analysis, and reporting should focus on critical systems and data. Publicly communicated software vulnerabilities or control weaknesses in a desktop office suite are not considered part of standard intelligence requirements. They are considered a risk due to the vulnerability that requires modification(s) to process or technology controls such as stop gaps prior to a patch. These are functions of risk, vulnerability management, and day-to-day security operations.

Learning Objectives

The relative priority an intelligence requirement is assigned should reflect the criticality of the decision it is intended to support. Simply put, some decisions are more critical than others. For instance, the identification of a new threat actor without clear understanding of the actor’s capabilities or even if they may see Your organization as a target is less of a priority than an existing threat actor known to target your organization with new methods of infiltration and a change in intent from espionage to sabotage in the form of disk wiping. Of note: intelligence collection, analysis, and reporting should focus on critical systems and data. Publicly communicated software vulnerabilities or control weaknesses in a desktop office suite are not considered part of standard intelligence requirements. They are considered a risk due to the vulnerability that requires modification(s) to process or technology controls such as stop gaps prior to a patch. These are functions of risk, vulnerability management, and day-to-day security operations.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • All-Source Analysis
  • Collection Operations
  • Cyber Operations
  • Training, Education, and Awareness
  • Knowledge Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.