Geopolitical Cyber Threat Intelligence
Paper print version is now available on Amazon!
"Geopolitical Cyber Threat Intelligence" is a book I've tailored specifically for us, cyber threat intelligence analysts. During our daily work, we often find ourselves at the intersection of cyber activities and geopolitics, trying to make sense of these attacks in a broader context. We need a deeper understanding of how cyber operations intersect with national policies, and this handbook delivers just that.
The content is structured to boost our understanding of how cyber capabilities are used as enablers in the broader pursuit of geopolitical objectives. It's designed to help CTI analysts understand the factors that shape national policies and the dynamics that might escalate into international tensions or conflicts.
After reading this book, CTI analysts will be equipped with:
- Deeper Understanding of Statecraft: Insights into the connection between political, economic, and security policies and cyber operations, enhancing our analysis.
- Strategic Foresight: Analytical techniques for crafting realistic future cyber threat scenarios based on current geopolitical assessments.
- Applicable Knowledge: Practical strategies to directly apply our new knowledge to the defense of our organizations, allowing us to inform our stakeholders as a risk starts to emerge, rather than after it has materialized.
For those of us in the field of cybersecurity, "Geopolitical Cyber Threat Intelligence" is a vital resource that I’m excited to share, helping us not just understand but actively engage with the geopolitical underpinnings of cyber threats.
Table of Contents
- Intelligence Collection Disciplines
- Comparison: Strategic vs. Tactical Collection Targets
- Understanding Nation State Policies
- Case Study: Iran
- Could You Be a Target of Nation-State APTs?
- Case Study: Solarix Dynamics
- Case Study: Tech Novelties
- Understanding Peacetime Relations Between States
- Wartime Cyber Operations
- Hierarchy of Targets and Possible Course of Actions
- Case Study: Russo-Ukrainian War
- Case Study: Nagorno Karabakh Conflict
- Why States Go Into Armed Conflict?
- Tracking Global Conflicts
- Case Study: Ukrainian Hacktivists
- Background and Turkey’s stance on the conflict
- Making Sense of the DDOS Incident
- Indications of Change: What actions in the future could trigger a similar disruptive cyber attack against Turkey?
- Center of Gravity Analysis
- Case Study: Potential Israel - Iran conflict
- Assessment of Centers of Gravity in a Potential Iran-Israel Conflict
- Key Aspects of Iranian Cyber Operations
- Iran's Likely Objectives During a Potential Iran-Israel Conflict
- Next Steps
- Analysis Process
- Key Assumptions Check
- Analysis of Competing Hypotheses
- Brainstorming
- Signposts of Change
- Contrarian Techniques