Help       Feedback       Q&A       Sign in with Facebook or Google or Microsoft
workbench for expert-guided collaborative authoring

Start a New Project: Playbook Details

Cyber Intelligence Report
Shmuel Bar - December 19, 2020


A report may be one of the following:

  • A Security Report on a target.
  • An Intelligence Report summarizing intelligence on a threat to a specific target or set of targets.
  • An Incident Report on an attack that has taken place.
  • An Intelligence Report on a target for offensive action.

All reports will be based on a general template with customization due to the report type.

  • Attack Method Delivery Vector

    How the attack was facilitated.

  • Background

    This portion will describe the strategic circumstances of the report. 

  • Cyber Intelligence Report Cover

    Transmits the report.

  • Discovery Process

    Details the discovery process are addressed.

  • Hybrid indications

    Hybrid indications are defined.

  • Incident Report

    Category and Features of Intelligence Assessment.

  • Intelligence Assessment

    Assessment of the Intelligence.

  • Key Observations

    (This part will be filled after the entire report is completed)

  • Modus Operandi

    Determines the method of operation.

  • Outlook and Implications

    Summary of the event/intelligence and forecast regarding potential second order and third order consequences, spillover effects etc.

  • Recommendations

    This portion will list a set of technical and operational recommendations to counter the threat. 

  • Report Type

    This part will identify the report as an incident report, an analysis of the security status of a target, or an intelligence report on potential threats to a target or to a number of targets.

  • Scope of the Attack

    Size, scope and complexity of the attack is described.

  • Sources of Intelligence

    This portion details how the intelligence on the threat was derived and the confidence of the information.

  • Strategic Analysis

    Strategic Analysis of the Threat Entity.

  • Target

    Description of the target/s that the report deals.

  • Target Analysis

    Analysis of the targets based on a CARVER matrix.     

  • Type of Event

    Describes the event being investigated.

  • Cyber Intelligence Report

    Cyber Intelligence Reports provide strategic intelligence that highlight current security activity. The reports address seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical.

What's New

This template accelerates the ability to  to collect, analyze, and report on Cyber Intelligence Threats in a proactive, pragmatic approach to the collection of cyber threat and cyber threat analysis as a collaboration.

About Developer

Shmuel Bar is Director of Studies at the Institute of Policy and Strategy in Herzliya, Israel and on the steering team of the annual "Herzliya Conference". Bar served for thirty years in the Israeli government, first in the IDF Intelligence and then in the Israeli Office of the Prime Minister. During this period, he specialized in Islamic fundamentalism and the Jihadi movement and served in diplomatic postings. Since 2002, he has headed research projects—some of them for U.S. government agencies—and published extensively on issues relating to the Middle East, including radical Islamic ideology, Iranian defense doctrine, leadership and negotiation behavior, Syrian leadership and the Baath party, Jordan, and the Palestinians. He holds a Ph.D. in History of the Middle East from Tel-Aviv University.