EclecticIQ

Platform

Discover our unique approach to Intelligence, Automation and Collaboration.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Unlock the full potential of our Threat Intelligence Platform with expert guidance.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

Intelligence Center

Threat Scout

Curated Feeds

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to supercharge their CTI operations with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

CTI Maturity Path Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

Platform

Discover our unique approach to Intelligence, Automation and Collaboration.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Unlock the full potential of our Threat Intelligence Platform with expert guidance.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

Intelligence Center

Threat Scout

Curated Feeds

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to supercharge their CTI operations with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

CTI Maturity Path Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

Platform

Discover our unique approach to Intelligence, Automation and Collaboration.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Unlock the full potential of our Threat Intelligence Platform with expert guidance.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

Intelligence Center

Threat Scout

Curated Feeds

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to supercharge their CTI operations with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

CTI Maturity Path Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

Platform

Discover our unique approach to Intelligence, Automation and Collaboration.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Unlock the full potential of our Threat Intelligence Platform with expert guidance.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

Intelligence Center

Threat Scout

Curated Feeds

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to supercharge their CTI operations with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

CTI Maturity Path Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

An Innovative Model for Assessing Current and Desired CTI Maturity

Though there are broadly adopted capability maturity models for other areas of IT (e.g., CMMI, COBIT, NHS Infrastructure Maturity Model), a widely accepted CTI capability maturity model has not yet emerged. Some excellent work is ongoing at the TUDelft Cyber Threat Intelligence Lab [1] and within ENISA [2,3], but no de facto model exists.

The EclecticIQ CTI Capability Maturity Model (CTI - CMM) for organizational intelligence is inspired by the great work of Robert M. Clark (author of "Intelligence Analysis: A Target-Centric Approach"), CPNI/CERT- UK's publications on threat intelligence, and the iSIGHT Partners Threat Intelligence Maturity Model.

Like other capability maturity models (e.g., CMMI), the CTI - CMM establishes a five-level (stage) assessment scale that measures your maturity across eight distinct CTI capabilities.

Overall, the model covers three broad areas (See Figure 1):

3-broad-areas-to-measure-cti-maturity

Figure 1 - Three broad areas to measure CTI maturity 


  • Alignment with business and threat reality: Measures how well your investments in threat intelligence reflect business needs, resource constraints, and the threat landscape.

  • Ability to understand cyber threats: Measures how well your analytic capabilities allow your threat intelligence teams to understand cyber threats in the context of stakeholder needs. Essential functions include qualifying technical indicators and strategically tracking critical cyber threats facing similar organizations and industries.

  • Ability to control/take action on cyber threats: Measures the capability of your organization to handle, act on, and contain threats. Key functions include collecting relevant technical indicators, instrumenting detection and prevention systems, and engaging business stakeholders in how the changing threat landscape drives appropriate investment and business decisions.

Five stages of CTI maturity


Table 1 lists the five stages of maturity for each of the eight capabilities making up the CTI - CMM. Each stage builds on the previous one. With this approach, you gain the big picture (e.g., going from threat ignorance to full awareness) and learn how to move incrementally from one stage to the next (e.g., shifting from non-existent to basic awareness by tracking publicly discussed threats). 

cti-maturity-levels-overview

Table 1 - CTI maturity levels (click the image to zoom in)

Yes, we’ve just presented a ton of information. We realize that mapping eight capabilities across three practice pillars and five maturity stages sounds like a lot of moving points. However, as discussed in our next blog, turning this information into something actionable is surprisingly straightforward.

References

[1] https://ctim.eu/ 

[2] https://www.enisa.europa.eu/news/enisa-news/csirts-maturity-moving-to-the-next-level 

[3] https://www.enisa.europa.eu/events/2018-cti-eu-event/cti-eu-2018-presentations/cti-eu-cti-capability-maturity-model.pdf 

White Paper - The Path to Pre-emptive CTI Operations

Do you find these blogposts insightful? Download our white paper for convenient access to all five blogposts that are part of this blog series in one cohesive document that is easy to take with or share with your stakeholders.

Read White Paper
Using the Maturity Model: Know What you are Measuring!

Using the Maturity Model: Know What you are Measuring!

By adding effectiveness metrics, you can answer some of your most challenging questions.

© 2014 – 2024 EclecticIQ B.V.
EclecticIQ. Intelligence, Automation, Collaboration.
Get demo