EclecticIQ

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

An Innovative Model for Assessing Current and Desired CTI Maturity

Though there are broadly adopted capability maturity models for other areas of IT (e.g., CMMI, COBIT, NHS Infrastructure Maturity Model), a widely accepted CTI capability maturity model has not yet emerged. Some excellent work is ongoing at the TUDelft Cyber Threat Intelligence Lab [1] and within ENISA [2,3], but no de facto model exists.

The EclecticIQ CTI Capability Maturity Model (CTI - CMM) for organizational intelligence is inspired by the great work of Robert M. Clark (author of "Intelligence Analysis: A Target-Centric Approach"), CPNI/CERT- UK's publications on threat intelligence, and the iSIGHT Partners Threat Intelligence Maturity Model.

Like other capability maturity models (e.g., CMMI), the CTI - CMM establishes a five-level (stage) assessment scale that measures your maturity across eight distinct CTI capabilities.

Overall, the model covers three broad areas (See Figure 1):

3-broad-areas-to-measure-cti-maturity

Figure 1 - Three broad areas to measure CTI maturity 


  • Alignment with business and threat reality: Measures how well your investments in threat intelligence reflect business needs, resource constraints, and the threat landscape.

  • Ability to understand cyber threats: Measures how well your analytic capabilities allow your threat intelligence teams to understand cyber threats in the context of stakeholder needs. Essential functions include qualifying technical indicators and strategically tracking critical cyber threats facing similar organizations and industries.

  • Ability to control/take action on cyber threats: Measures the capability of your organization to handle, act on, and contain threats. Key functions include collecting relevant technical indicators, instrumenting detection and prevention systems, and engaging business stakeholders in how the changing threat landscape drives appropriate investment and business decisions.

Five stages of CTI maturity


Table 1 lists the five stages of maturity for each of the eight capabilities making up the CTI - CMM. Each stage builds on the previous one. With this approach, you gain the big picture (e.g., going from threat ignorance to full awareness) and learn how to move incrementally from one stage to the next (e.g., shifting from non-existent to basic awareness by tracking publicly discussed threats). 

cti-maturity-levels-overview

Table 1 - CTI maturity levels (click the image to zoom in)

Yes, we’ve just presented a ton of information. We realize that mapping eight capabilities across three practice pillars and five maturity stages sounds like a lot of moving points. However, as discussed in our next blog, turning this information into something actionable is surprisingly straightforward.

References

[1] https://ctim.eu/ 

[2] https://www.enisa.europa.eu/news/enisa-news/csirts-maturity-moving-to-the-next-level 

[3] https://www.enisa.europa.eu/events/2018-cti-eu-event/cti-eu-2018-presentations/cti-eu-cti-capability-maturity-model.pdf 

White Paper - The Path to Pre-emptive CTI Operations

Do you find these blogposts insightful? Download our white paper for convenient access to all five blogposts that are part of this blog series in one cohesive document that is easy to take with or share with your stakeholders.

Using the Maturity Model: Know What you are Measuring!

Using the Maturity Model: Know What you are Measuring!

By adding effectiveness metrics, you can answer some of your most challenging questions.

© 2014 – 2024 EclecticIQ B.V.
EclecticIQ. Intelligence, Automation, Collaboration.
Get demo