By: Nicole Hoffman If you work in cyber threat intelligence (CTI), you have probably at one time or another been tasked with writing an industry-specific cyber threat landscape report. I have performed several of these investigations whether it was for a request for information (RFI), a blog, a research project, or even a writing prompt…

As an analyst, I enjoy thinking. As a cognitive science nerd, I also enjoy thinking about thinking. How can I think better? As someone diagnosed with ADHD, analysis can sometimes be challenging especially if I am not super intrigued about the topic. This is partially what led me to go down a rabbit hole of…

I really enjoy using the skills I have learned outside of information security (infosec) and applying them to problem solving in cyber threat intelligence. This is known as lateral thinking, or a way of solving problems using an indirect and creative approach via reasoning that is not immediately obvious.(Wikipedia) Several problems, especially in infosec, require…

By: Nicole Hoffman In 2020 while doing a deep dive into analysis, I unintentionally created my own analysis framework called the Cognitive Stairways of Analysis. I introduced the framework within a blog post, but it didn’t gain traction until I presented the framework at the 2021 SANS CTI Summit in January. During the presentation I…

By: Nicole Hoffman After creating this framework, I implored others to contribute to the framework either by creating their own stairway or by remixing an existing stairway to fit their analytical processes. I am excited to announce a new stairway that I have been working on for the past few months with the help of…

By: Nicole Hoffman This blog post was originally written as a conference talk. I enjoy writing out my talks as essays before creating my slides. I decided to share this essay as a blog post. I hope you enjoy. I included my slides from my talk at the end.  If you follow me on Twitter…

by: Nicole Hoffman I enjoy attending conferences as much as I can because they provide opportunities to expand my knowledge base and create long lasting friendships. Sure, there are also networking connections, but I live in a small town and there are not a lot of techies. It is really nice to expand my network…