Open Source Intelligence Investigation

The significant increase in the number of cyber attacks from advanced persistent threat (APT) sources has led many organisations to determine the extent of information leakage from public sources and how that information could be used to motivate, direct and assist in a targeted attack.

A Cyberis Open Source Intelligence Investigation is an assessment of your entire organisation through comprehensive reconnaissance in the public domain, in order to acquire information and analyse it to produce actionable intelligence. This actionable intelligence is presented to you as an information security risk assessment to allow a prioritised and measured response to risk treatment.

An open source intelligence investigation is particularly important if:

  • your organisation has a higher than average threat profile;
  • a specific threat source, target or risk has been identified;
  • there is a specific requirement to assess your organisation's exposure and profile, or
  • as a pre-requisite of a comprehensive organisation-wide information security health check.

Cyberis use a distinct five-phased methodology to ensure a structured approach, high-yield and wide coverage:

  • Threat Landscape and Risk Profile Review
  • Reconnaissance
  • Actionable Intelligence Analysis
  • Impact Assessment
  • Aggregate Risk Assessment

The main phases of the methodology use iterative processes for data collection, correlation and collation and analysis; all information is entered into a centralised repository and intelligence knowledgebase for collaborative assessment.

The Cyberis report features an executive summary that explains your organisation's exposure in the public domain, the business impact and high-level risk treatment plan. The main report itemises each individual exposure and the aggregate risk based on the actionable intelligence analysis. A debrief is strongly recommended to add further clarity to business stakeholders and data owners, and to discuss the most appropriate risk treatment and longer term remediation strategy.

Key benefits

  • Identify direct information and data asset exposures that may have regulatory or legislative consequences
  • Understand how threat actors may profile your organisation, and how overt intelligence gathering could be used to direct and refine attacks
  • Focus your security control and defence tactics, based on the actionable intelligence and attack vector candidates
  • Reduce your organisation's information exposure and security profile, using the risk treatment plan delivered in the report