Internal and external information sources to support threat management activities are identified, at least in an ad hoc manner
Context and Guidance: The organisation should periodically survey information sources (such as CISA, appropriate ISACs, industry associations, vendors, and federal briefings) to determine their relevance and value in providing threat information. Some analysis may first be necessary to determine what information is most relevant for supporting threat management activities. Additionally, threats affecting similar industry sectors may be relevant to the function and should be considered accordingly.
Related Practices • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: THREAT-2a, THREAT-2f.