Vault restructure

Corpus/📚️ Literature notes/Benefits of threat intelligence across the three layers.md

@@ -0,0 +1,23 @@
+By Jake Munroe of Recorde Future
+Source: [Recorded Future website](https://www.recordedfuture.com/iso-27002-threat-intelligence-new-security-standard/)
+Published: February 4, 2022
+Retrieved: March 7, 2022
+
+Jake Munroe lists some uses of threat intelligence on the three layers as identified in [a-5.7-Threat-intelligence](../Standards/ISO27x/OST/27002/EN/a-5.7-Threat-intelligence.md):
+
+Strategic:
+- setting priorities and making informed security architecture and budget decisions
+- focussing your threat intelligenge programme in line with the organization's strategy, by defining and tracking Priority Intelligence Requirements [^PIR] 
+- heightened awareness of relevant emerging threats, TTPs [^TTP], and threat groups
+
+Tactical:
+- integrating Indicators of Compromise (IoC’s) into security tools to enable contextual intelligence 
+- using detection rulesets from hunting packages on threat actors and malware
+
+Operational:
+- better understanding of specific attacks and the relationships between threat actors, indicators, and TTPs
+- mapping threat intelligence to common frameworks like MITRE ATT&CK to classify behaviors, assess security gaps, and share intelligence with the cybersecurity community
+
+
+[^PIR]: An agreement to prioritize certain information collected and processed over others because of the organization’s critical need for this data. – [source](https://www.crowdstrike.com/falcon/2020/videos/priority-intelligence-requirements-your-key-to-working-smarter-with-more-impact/)
+[^TTP]: -   Tactics, techniques and procedures (TTPs) are the “patterns of activities or methods associated with a specific threat actor or group of threat actors.” – [source](https://www.optiv.com/explore-optiv-insights/blog/tactics-techniques-and-procedures-ttps-within-cyber-threat-intelligence)