5 Mistakes I Made as a New Cyber Threat Intelligence Analyst

Adam Goss
9 min read · Sep 6, 2023

A Cyber Threat Intelligence (CTI) analyst plays a critical role in defending an organization from cyber attacks. They need to gather information about the latest cyber threats, assess the relevance and potential impact they could have on their organization, and provide actionable intelligence to other defenders in the organization to protect against these threats.

This is a challenging job. You need strong cyber security knowledge across various disciplines, an understanding of the red and blue sides, and data analysis skills to prioritize which challenges to tackle across the vast threat landscape. You must also communicate these findings to security professionals at every level of your organization’s hierarchy, from junior SOC analysts who need tactical intelligence (IOCs) to C-suite executives who need strategic intelligence.

There are pitfalls around every corner that can have you spending weeks or even months prioritizing the wrong things, poorly communicating your findings, or wasting your time chasing red herrings.

I made several mistakes while working in a SOC and later as a senior CTI analyst. Here are the big ones, which you can hopefully avoid on your quest to learn about cyber threat intelligence or become a CTI analyst, along with practical advice on how to avoid them!
