1、Building a Threat-Led Cybersecurity Program With Cyberthreat Intelligence 2025 ISACA.All Rights Reserved.Information SecurityC O N T E NT S4Introduction5The Threat Landscape and Evolving Cybercrime Ecosystem5 /Infostealer Malware6Best Practices for Effective Threat Intelligence7 /Priority Intelligen
2、ce Requirements7 /Mapping Types of Threat Intelligence to Business Requirements7 /Strategic Threat Intelligence8 /Tactical Threat Intelligence8 /Operational Threat Intelligence8 /Technical Threat Intelligence8 /Engaging Stakeholders Across the Enterprise9 /Case Study10 /Communicating Up and Down the
3、 Leadership Chain11 /Scaling a Threat Intelligence Program11 /Legal and Regulatory Considerations12Improving the Operational Impact of Threat Intelligence12 /Technology Stack and Tool Selection13 /Automation as a Central Component of Threat Intelligence13 /Parsing of Breached Identities for Prioriti
4、zation14 /LLM-Enabled Initial Access Broker(IAB)Analysis14 /Breached Credential Verification and Remediation14 /IoC Feeds for Threat Hunting 15Measuring a Threat Intelligence Program16Conclusion17Acknowledgments2BUILDING A THREAT-LED CYBERSECURITY PROGRAM WITH CYBERTHREAT INTELLIGENCE 2025 ISACA.All
5、 Rights Reserved.A B S T R A C TEnterprises have long struggled to realize meaningful value from traditional cyberthreat intelligence programs.Common challenges include intelligence that is not actionable,overwhelming volumes of unprioritized data,and vague or poorly defined requirements.Meanwhile,t
6、he threat environment itself has become more complex;the rapid commercialization of the cybercrime ecosystem,the rise of generative artificial intelligence(GenAI),and escalating geopolitical tensions have all heightened the urgency for intelligence-driven security.This white paper provides a practic