Request For Comment
The request for comment period for this draft concluded on Thursday, May 3. All comments are currently under review and adjudication by working groups. Comments received after the May 3rd deadline are welcomed and may be included in future adjudication and revision periods.
The purpose of analysis is to produce intelligence that decreases uncertainty in decision making and therefore reduces risk. This document provides an introduction to the information analysis process and how an Information Sharing and Analysis Organization (ISAO) can use it to identify, define, and mitigate cyber-security threats. It is the authors’ intent to provide organizations a general understanding of the tools and processes needed for an analysis team to create cybersecurity information and intelligence within their ISAOs.
This document establishes a conceptual framework for an analytical process, including establishing information and intelligence requirements as well as collecting, processing, analyzing, and exploiting relevant data to generate products that provide ISAO members with cybersecurity situational awareness. The objective of sharing cybersecurity analysis is to provide ISAOs with actionable information, reduce uncertainty, and thereby reduce risk to enable decision makers. As a technical overview, this document is meant to foster discussion on both a managerial and an operational level.