ID.RA-02: Cyber threat intelligence is received from information sharing forums and sources

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

1st: 1st Party Risk

Ex1: Configure cybersecurity tools and technologies with detection or response capabilities to securely ingest cyber threat intelligence feeds

Ex2: Receive and review advisories from reputable third parties on current threat actors and their tactics, techniques, and procedures (TTPs)

Ex3: Monitor sources of cyber threat intelligence for information on the types of vulnerabilities that emerging technologies may have