-
Publicly available sources for industry-specific threat landscape reports
By: Nicole Hoffman If you work in cyber threat intelligence (CTI), you have probably at one time or another been tasked with writing an industry-specific cyber threat landscape report. I have performed several of these investigations whether it was for a request for information (RFI), a blog, a research project, or even a writing prompt […]
-
Lateral Thinking Series: Lessons from the healthcare industry
As an analyst, I enjoy thinking. As a cognitive science nerd, I also enjoy thinking about thinking. How can I think better? As someone diagnosed with ADHD, analysis can sometimes be challenging especially if I am not super intrigued about the topic. This is partially what led me to go down a rabbit hole of […]
-
Lateral Thinking Series: Lessons from the Financial Industry
I really enjoy using the skills I have learned outside of information security (infosec) and applying them to problem solving in cyber threat intelligence. This is known as lateral thinking, or a way of solving problems using an indirect and creative approach via reasoning that is not immediately obvious.(Wikipedia) Several problems, especially in infosec, require […]
-
Think Steps: A Practical Guide
By: Nicole Hoffman In 2020 while doing a deep dive into analysis, I unintentionally created my own analysis framework called the Cognitive Stairways of Analysis. I introduced the framework within a blog post, but it didn’t gain traction until I presented the framework at the 2021 SANS CTI Summit in January. During the presentation I […]
-
Introducing the OSINT Stairway
By: Nicole Hoffman After creating this framework, I implored others to contribute to the framework either by creating their own stairway or by remixing an existing stairway to fit their analytical processes. I am excited to announce a new stairway that I have been working on for the past few months with the help of […]
-
How to Guide for Presenting Projects to C-Suite (ATT&CK Edition)
By: Nicole Hoffman This blog post was originally written as a conference talk. I enjoy writing out my talks as essays before creating my slides. I decided to share this essay as a blog post. I hope you enjoy. I included my slides from my talk at the end. If you follow me on Twitter […]
-
The Cognitive Stairways of Analysis
by: Nicole Hoffman TLDR I Introduce a series of analytic process models from various industries and use key takeaways to create my own framework called the Cognitive Stairways of Analysis. Introduction Analysis. You might hear this term all the time. What does it really mean? How do you analyze data? Unfortunately, this is something I had […]
-
20 Things I Learned After My First Four Conference Talks
by: Nicole Hoffman I enjoy attending conferences as much as I can because they provide opportunities to expand my knowledge base and create long lasting friendships. Sure, there are also networking connections, but I live in a small town and there are not a lot of techies. It is really nice to expand my network […]