A report may be one of the following:
- A Security Report on a target.
- An Intelligence Report summarizing intelligence on a threat to a specific target or set of targets.
- An Incident Report on an attack that has taken place.
- An Intelligence Report on a target for offensive action.
All reports will be based on a general template with customization due to the report type.
Attack Method Delivery Vector
How the attack was facilitated.
This portion will describe the strategic circumstances of the report.
Cyber Intelligence Report Cover
Transmits the report.
Details the discovery process are addressed.
Hybrid indications are defined.
Category and Features of Intelligence Assessment.
Assessment of the Intelligence.
(This part will be filled after the entire report is completed)
Determines the method of operation.
Outlook and Implications
Summary of the event/intelligence and forecast regarding potential second order and third order consequences, spillover effects etc.
This portion will list a set of technical and operational recommendations to counter the threat.
This part will identify the report as an incident report, an analysis of the security status of a target, or an intelligence report on potential threats to a target or to a number of targets.
Scope of the Attack
Size, scope and complexity of the attack is described.
Sources of Intelligence
This portion details how the intelligence on the threat was derived and the confidence of the information.
Strategic Analysis of the Threat Entity.
Description of the target/s that the report deals.
Analysis of the targets based on a CARVER matrix.
Type of Event
Describes the event being investigated.
Cyber Intelligence Report
Cyber Intelligence Reports provide strategic intelligence that highlight current security activity. The reports address seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical.
This template accelerates the ability to to collect, analyze, and report on Cyber Intelligence Threats in a proactive, pragmatic approach to the collection of cyber threat and cyber threat analysis as a collaboration.
Shmuel Bar is Director of Studies at the Institute of Policy and Strategy in Herzliya, Israel and on the steering team of the annual "Herzliya Conference". Bar served for thirty years in the Israeli government, first in the IDF Intelligence and then in the Israeli Office of the Prime Minister. During this period, he specialized in Islamic fundamentalism and the Jihadi movement and served in diplomatic postings. Since 2002, he has headed research projects—some of them for U.S. government agencies—and published extensively on issues relating to the Middle East, including radical Islamic ideology, Iranian defense doctrine, leadership and negotiation behavior, Syrian leadership and the Baath party, Jordan, and the Palestinians. He holds a Ph.D. in History of the Middle East from Tel-Aviv University.