Cyber Threat Intelligence RFP

Brilliant.

Yet another organisation that has jumped upon the CTI bandwagon and are trying to position themselves selling premium services in a field they haven't got a clue how to deliver any value to potential customers.

Good luck with that.

CTI usually comes from any Cyber Threat Alliance CTA or an IT security vendor's big database like Wildfire (PAN). But only locally 'collected' CTI is useless. The picture is too tiny. It seems that internal incident teams search for more self-legitimation to fill their 24x7 presence.

All-in-all worthless.

CTI usually comes from any Cyber Threat Alliance CTA or an IT security vendor's big database like Wildfire (PAN). But only locally 'collected' CTI is useless. The picture is too tiny. It seems that internal incident teams search for more self-legitimation to fill their 24x7 presence.

All-in-all worthless.

It's not that, its that some people who do IR think they can throw up a CTI team and start delivering in a month or so just with a bunch of papers. It's WAY more complex than indicators. procedures and a bunch of reports.

There is also nothing called "local CTI", unless the I stands for indicators, and just subscribing to external sources and flooding oneself with indicators really don't help that much. I've been to interviews to a few IR positions at SOCs and most of them cannot tell CTI from their own a*s.

Absolutely. CTI as a Service is suboptimal as only internal IT teams really know their vulns and can define with their Sales and Mgmt their specific attack vectors. Dividing the company into zones differently leveled by risk helps to fight against targeted APTs. People not understanding lateral movement or credentials steeling together with no Forensic Readyness concepts are not close enough. CTI as a Service I would never outsource. DIY and sharpen your people's awareness with technical countermeasures to improve IT security.

Dear all,

Our Bank's Incident response team going to avail Cyber Threat Intelligence (CTI) premium service and requested to create RFP for CTI. can anyone share sample RFP for CTI

Some quick Google-ification turned up

http//www.rfpdb.com/view/document/name/IT-SECURITY-THREAT-ANALYSIS_2016_S_024%7CIT%7CSEC%7CTHREAT%7CANALYSIS

https://www.merx.com/English/SUPPLIER_Menu.asp?WCE=Show&TAB=1&PORTAL=MERX&State=7&id=264629&print=Y&src=osr&ForceLID=&HID=&hcode=Jrc1MmTxldKqpyQHFyTnYQ%3D%3D

Some quick Google-ification turned up

http//www.rfpdb.com/view/document/name/IT-SECURITY-THREAT-ANALYSIS_2016_S_024%7CIT%7CSEC%7CTHREAT%7CANALYSIS

I suspect that this is a good example of how the Government (in this case the US, but I guess can apply everywhere) works (or completely fails to).
4th line of the document

Type RFP

First paragraph

THIS IS A SOURCES SOUGHT ANNOUNCEMENT ONLY TO PRE-QUALIFY VENDORS. THERE IS NO SOLICITATION AVAILABLE AT THIS TIME. THIS IS NOT A FORMAL REQUEST FOR PROPOSAL.

Beginning of last paragraph

THIS IS NOT A REQUEST FOR PROPOSAL.

😯

It's a RFP, but no, it is in not a formal one, but no it is not a RFP at all….
D

jaclaz

Brilliant.

Yet another organisation that has jumped upon the CTI bandwagon and are trying to position themselves selling premium services in a field they haven't got a clue how to deliver any value to potential customers.

Good luck with that.

She wants RFP assistance in purchasing CTI assistance, not making a CTI organization.