What is it?
Threat Research is the process of gathering and analyzing information about potential cyber threats and attacks to identify patterns, trends, and vulnerabilities. This research involves analyzing various data sources to identify emerging threats and to develop countermeasures and mitigation strategies to protect against them.
The threat intelligence team is continuously performing research on cyber threats that may impact North Dakota. This research feeds our intelligence products and helps drive security operations. The threat intelligence team will also research specific topics or threats upon request.
What do you get with the service?
The goal of threat research is to help fill gaps in knowledge that are preventing you from making an informed decision. Our team combines information from a variety of internal and external data resources to answer questions about cyber related unknowns. The desired outcome is to provide actionable threat intelligence that can assist with preventing, detecting, or responding to a potential threat.
The threat intelligence team uses analytic frameworks and structured analytic techniques to gain a holistic understanding of cyber threats. In turn, our products aim to provide clear, concise, and tailored information on how a cyber threat would impact North Dakota. The threat intelligence team primarily concentrates on addressing questions that support the following objectives:
- Minimizing attack surface
- Characterizing the threat landscape
- Evaluating adversary capability and intent
- Prioritizing defense resources
- Optimizing defense posture
- Aiding in response situations
How do you request this service?
A research topic or specific question may be requested by submitting a ServiceNow Generic Service Request.
Please select “Security” for the request type and include the following information within the additional comments section of the request:
- ATTN: Cyber Active Defense
- Topic and detailed description.
- please include context as to why you are requesting the information and what you plan to do with it.
- Think who, what where, when, why, how.
- This helps us tailor our research and response.
- Specific questions you would like answered pertaining to the topic.
- Existing information or resources you have on this topic; may include relevant attachments, references to articles, contextual conversations, or contacts with additional information.
- Any additional points of contact to be included in the process or response that are not the ticket submitter.
Please note, requests are prioritized as they come in and scheduled based upon the availability of resources. We strive to complete requests within one week from start to finish for threat research.