雲端威脅情報的功能Function of cloud threat intelligence

安全性威脅情報可針對主動攻擊和潛在的威脅提供內容和可操作的見解,讓安全性小組、技術小組和組織領導人能夠做出決策。Security threat intelligence provides context and actionable insights on active attacks and potential threats to enable decision making by security teams, technical teams, and organizational leaders.

現代化Modernization

威脅情報團隊不斷演進並不斷演進,以滿足安全性作業中心 (SOC) 和其他管理組織安全性風險的需求。Threat intelligence teams are emerging and evolving to meet the needs of the security operations center (SOC) and others managing security risk for the organization.

這些團隊應著重于包含下列各項的策略:These teams should focus on a strategy that includes:

  • 專為 executive 物件量身打造的 策略性威脅情報,可提升對網路安全性風險、資金需求的認知,並支援組織領導階層的音效風險決策。Strategic threat intelligence tailored to executive audiences increases awareness of cybersecurity risk, funding requirements, and supports sound risk decision making by organizational leadership.
  • 累加 程式成長,可提供直接事件支援的快速獲勝,併發展成威脅情報平臺,以追蹤和通知專案關係人。Incremental program growth to provide quick wins with direct incident support and evolving into a threat intelligence platform to track and inform stakeholders.
  • 策略性和操作威脅情報 ,以引導事件調查和威脅偵測期間的決策進行。Tactical and operational threat intelligence to guide decision making during incident investigation and threat detections.

小組撰寫和索引鍵關聯性Team composition and key relationships

雲端威脅情報通常由下列角色類型提供。Cloud threat intelligence is commonly provided by the following types of roles.

  • 安全性狀態管理Security posture management
  • 組織主管領導階層Organizational executive leadership
  • 關鍵業務領導人或其代表Key business leaders or their representatives
  • 安全性架構和作業Security architecture and operations
  • IT 架構和作業IT architecture and operations
  • 風險管理小組Risk management teams

後續步驟Next steps

複習雲端安全性狀態 管理的功能。Review the function of cloud security posture management.