Preface vii Acknowledgments xi Introduction xv Chapter 1: Objectives of a Cyber Intelligence-Driven Risk Program 1 Notes 5 Chapter 2: Importance of Cyber Intelligence for Businesses 7 Notes 14 Chapter 3: Military to Commercial Viability of the CI-DR™ Program 15 Notes 23 Chapter 4: CI-DR™ Security Program Components 25 Notes 39 Chapter 5: Functional Capabilities of the CI-DRTM Program 41 Notes 54 Chapter 6: CI-DR™ Key Capability Next-Generation Security Operations Center 55 Introduction by Kiran Vangaveti – CEO of BluSapphire 55 Notes 60 Chapter 7: CI-DR™ Key Capability Cyber Threat Intelligence 63 Notes 70 Chapter 8: CI-DR™ Key Capability Forensic Teams 71 Dr. Steven Johnson Notes 85 Chapter 9: CI-DR™ Key Capability Vulnerability Management Teams 87 By Derek Olson Notes 103 Chapter 10: CI-DR™ Key Capability Incident Response Teams 105 By Dr. Steven Johnson Notes 122 Chapter 11: CI-DR™ Collection Components 123 Notes 125 Chapter 12: CI-DR™ Stakeholders 127 By Steve Dufour, CEO Notes 133 Conclusion 135 Glossary 139 About the Author and Chapter Authors 145 Index 149

Turn cyber intelligence into meaningful business decisions and reduce losses from cyber events Cyber Intelligence-Driven Risk provides a solution to one of the most pressing issues that executives and risk managers face: How can we weave information security into our business decisions to minimize overall business risk? In today's complex digital landscape, business decisions and cyber event responses have implications for information security that high-level actors may be unable to foresee. What we need is a cybersecurity command center capable of delivering, not just data, but concise, meaningful interpretations that allow us to make informed decisions. Building, buying, or outsourcing a CI-DR™ program is the answer. In his work with executives at leading financial organizations and with the U.S. military, author Richard O. Moore III has tested and proven this next-level approach to Intelligence and Risk. This book is a guide to: Building, buying, or outsourcing a cyber intelligence–driven risk programUnderstanding the functional capabilities needed to sustain the programUsing cyber intelligence to support Enterprise Risk ManagementReducing loss from cyber events by building new organizational capacitiesSupporting mergers and acquisitions with predictive analytics Each function of a well-designed cyber intelligence-driven risk program can support informed business decisions in the era of increased complexity and emergent cyber threats.