All cyber threat intelligence teams need three things; a threat intelligence lifecycle, a threat model, and intelligence requirements. One of the hardest to get right is intelligence requirements. They usually lack focus, fail to define a timeframe, or do not answer a single question to support an informed decision.