±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 32585
New Yesterday: 0 Visitors: 104

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Cyber Threat Intelligence RFP

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2  Next 
  

Cyber Threat Intelligence RFP

Post Posted: Sat Aug 12, 2017 12:33 pm

Dear all,

Our Bank's Incident response team going to avail Cyber Threat Intelligence (CTI) premium service and requested to create RFP for CTI. can anyone share sample RFP for CTI  

Michelle007
Member
 
 
  

Re: Cyber Threat Intelligence RFP

Post Posted: Sat Aug 12, 2017 3:36 pm

Brilliant.

Yet another organisation that has jumped upon the CTI bandwagon and are trying to position themselves selling premium services in a field they haven't got a clue how to deliver any value to potential customers.

Good luck with that.  

MDCR
Senior Member
 
 
  

Re: Cyber Threat Intelligence RFP

Post Posted: Sun Aug 13, 2017 9:41 am

CTI usually comes from any Cyber Threat Alliance CTA or an IT security vendor's big database like Wildfire (PAN). But only locally 'collected' CTI is useless. The picture is too tiny. It seems that internal incident teams search for more self-legitimation to fill their 24x7 presence.

All-in-all worthless.  

RolfGutmann
Senior Member
 
 
  

Re: Cyber Threat Intelligence RFP

Post Posted: Sun Aug 13, 2017 5:48 pm

- RolfGutmann
CTI usually comes from any Cyber Threat Alliance CTA or an IT security vendor's big database like Wildfire (PAN). But only locally 'collected' CTI is useless. The picture is too tiny. It seems that internal incident teams search for more self-legitimation to fill their 24x7 presence.

All-in-all worthless.



It's not that, its that some people who do IR think they can throw up a CTI team and start delivering in a month or so just with a bunch of papers. It's WAY more complex than indicators. procedures and a bunch of reports.

There is also nothing called "local CTI", unless the I stands for indicators, and just subscribing to external sources and flooding oneself with indicators really don't help that much. I've been to interviews to a few IR positions at SOCs and most of them cannot tell CTI from their own ass.  

MDCR
Senior Member
 
 
  

Re: Cyber Threat Intelligence RFP

Post Posted: Mon Aug 14, 2017 1:54 am

Absolutely. CTI as a Service is suboptimal as only internal IT teams really know their vulns and can define with their Sales and Mgmt their specific attack vectors. Dividing the company into zones differently leveled by risk helps to fight against targeted APTs. People not understanding lateral movement or credentials steeling together with no Forensic Readyness concepts are not close enough. CTI as a Service I would never outsource. DIY and sharpen your people's awareness with technical countermeasures to improve IT security.  

RolfGutmann
Senior Member
 
 
  

Re: Cyber Threat Intelligence RFP

Post Posted: Mon Aug 14, 2017 6:37 pm

- Michelle007
Dear all,

Our Bank's Incident response team going to avail Cyber Threat Intelligence (CTI) premium service and requested to create RFP for CTI. can anyone share sample RFP for CTI


Some quick Google-ification turned up:

www.rfpdb.com/view/doc...7CANALYSIS

www.merx.com/English/S...TnYQ%3D%3D  

keydet89
Senior Member
 
 
  

Re: Cyber Threat Intelligence RFP

Post Posted: Tue Aug 15, 2017 9:51 am

- keydet89


Some quick Google-ification turned up:

www.rfpdb.com/view/doc...7CANALYSIS

I suspect that this is a good example of how the Government (in this case the US, but I guess can apply everywhere) works (or completely fails to).
4th line of the document:
Type: RFP


First paragraph:
THIS IS A SOURCES SOUGHT ANNOUNCEMENT ONLY TO PRE-QUALIFY VENDORS. THERE IS NO SOLICITATION AVAILABLE AT THIS TIME. THIS IS NOT A FORMAL REQUEST FOR PROPOSAL.


Beginning of last paragraph:

THIS IS NOT A REQUEST FOR PROPOSAL.

Shocked

It's a RFP, but no, it is in not a formal one, but no it is not a RFP at all....
Very Happy

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 

Reply to topicReply to topic

Share and Like this forum topic to get more replies




Page 1 of 2
Go to page 1, 2  Next