{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T17:46:07Z","timestamp":1778175967646,"version":"3.51.4"},"reference-count":27,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[2015,7,13]],"date-time":"2015-07-13T00:00:00Z","timestamp":1436745600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,7,13]]},"abstract":"\n Purpose<\/jats:title>\n \u2013 This paper aims to highlight the importance and role of strategic cyber intelligence to support risk-informed decision-making, ultimately leading to improved objectives, policies, architectures and investments to advance a nation or organization\u2019s interests in the cyber domain. <\/jats:p>\n <\/jats:sec>\n \n Design\/methodology\/approach<\/jats:title>\n \u2013 Integration of professional research literature from the fields of intelligence studies, strategy and information\/computer security. <\/jats:p>\n <\/jats:sec>\n \n Findings<\/jats:title>\n \u2013 Investing in technology, firewalls and intrusion detection systems is appropriate but, by itself, insufficient. Intelligence is a key component. Cyber intelligence emphasizes prevention and anticipation, to focus cybersecurity efforts before an attack occurs (\u201cleft of the hack\u201d). Strategic cyber intelligence can substantially reduce risk to the organization\u2019s mission and valued assets and support its due diligence. <\/jats:p>\n <\/jats:sec>\n \n Originality\/value<\/jats:title>\n \u2013 This paper describes how strategic cyber intelligence can be implemented and used within an enterprise to enhance its cyber defense, and create a more proactive and adaptive security posture. It not only describes strategic cyber intelligence as a distinct discipline, but also demonstrates how the key intelligence functions articulate with existing cybersecurity risk management standards.<\/jats:p>\n <\/jats:sec>","DOI":"10.1108\/ics-09-2014-0064","type":"journal-article","created":{"date-parts":[[2015,6,10]],"date-time":"2015-06-10T13:45:13Z","timestamp":1433943913000},"page":"317-332","source":"Crossref","is-referenced-by-count":17,"title":["Strategic cyber intelligence"],"prefix":"10.1108","volume":"23","author":[{"given":"Randy","family":"Borum","sequence":"first","affiliation":[]},{"given":"John","family":"Felker","sequence":"additional","affiliation":[]},{"given":"Sean","family":"Kern","sequence":"additional","affiliation":[]},{"given":"Kristen","family":"Dennesen","sequence":"additional","affiliation":[]},{"given":"Tonya","family":"Feyes","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2020122301473320900_b1","unstructured":"Alexander, K.\n (2013), \u201cCybersecurity: preparing for and responding to the enduring threat\u201d, \n Statement Of General Keith B. Alexander, USA Commander, United States Cyber Command Director, National Security Agency Chief, Central Security Service Before The Senate Committee On Appropriations\n , US Senate Committee On Appropriations, Washington, DC."},{"key":"key2020122301473320900_b2","unstructured":"Borum, R.\n , \n Felker, J.\n and \n Kern, S.\n (2014), \u201cCyber intelligence operations: more than just ones and zeroes\u201d, Proceedings of the Marine Safety and Security Council: The US Coast Guard Journal of Safety and Security at Sea, Washington, DC, Vol. 71 No. 4, pp. 65-68."},{"key":"key2020122301473320900_b3","unstructured":"Center for Strategic and International Studies\n (2008), \u201cSecuring cyberspace for the 44th Presidency\u201d, Center for Strategic and International Studies, Washington, DC, available at: http:csis.org\/files\/media\/csis\/pubs\/081208_securingcyberspace_44.pdf"},{"key":"key2020122301473320900_b4","unstructured":"Central Intelligence Agency\n (2004), \n Conference Report: Intelligence for a New Era in American Foreign Policy\n , Central Intelligence Agency, Washington, DC, pp. 3-4."},{"key":"key2020122301473320900_b5","unstructured":"Dennesen, K.\n , \n Felker, J.\n , \n Feyes, T.\n and \n Kern, S.\n (2014), \u201cStrategic cyber intelligence\u201d, Cyber Intelligence Task Force, Intelligence and National Security Alliance (INSA) White Paper, INSA, Washington, DC."},{"key":"key2020122301473320900_b6","unstructured":"DoD Defense Science Board\n (2013), \u201cResilient military systems and the advanced cyber threat: DSB task force report\u201d, Defense Science Board, Washington, DC, available at: www.acq.osd.mil\/dsb\/reports\/ResilientMilitarySystems.CyberThreat.pdf"},{"key":"key2020122301473320900_b7","unstructured":"Freyn, S.\n and \n Nimalan, P.\n (2012), \u201cUsing structured methods to improve indicator and warning analysis\u201d, \n Competitive Intelligence\n , Vol. 15 No. 4, pp. 22-29."},{"key":"key2020122301473320900_b8","unstructured":"Heidenrich, J.\n (2008), \u201cThe state of strategic intelligence: the intelligence community\u2019s neglect of strategic intelligence\u201d, \n Studies in Intelligence\n , Vol. 51 No. 2, available at: www.cia.gov\/library\/center-for-the-study-of-intelligence\/csi-publications\/csi-studies\/studies\/vol51no2\/the-state-of-strategic-intelligence.html"},{"key":"key2020122301473320900_b9","unstructured":"Heuer, R.\n (1999), \u201cPsychology of intelligence analysis\u201d, \n Central Intelligence Agency\n , Center For Study of Intelligence, Washington, DC, available at: www.cia.gov\/library\/center-for-the-study-of-intelligence\/csi-publications\/books-and-monographs\/psychology-of-intelligence-analysis\/https:\/\/www.cia.gov\/library\/center-for-the-study-of-intelligence\/csi-publications\/books-and-monographs\/psychology-of-intelligence-analysis\/"},{"key":"key2020122301473320900_b10","unstructured":"International Multilateral Partnership Against Cyber Threats (IMPACT)\n (2014), \u201cWhat we stand for\u201d, available at: www.impact-alliance.org\/aboutus\/mission-\n\t\t\t\t\t&\n\t\t\t\t-vision.html"},{"key":"key2020122301473320900_b11","unstructured":"Ludwick, M.\n , \n McAllister, J.\n , \n Mellinger, A.\n , \n Sereno, K.\n and \n Townsedn, T.\n (2013), \n Cyber Intelligence Tradecraft Project: Summary of Key Findings\n , Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA."},{"key":"key2020122301473320900_b12","doi-asserted-by":"crossref","unstructured":"Mattern, T.\n , \n Felker, J.\n , \n Borum, R.\n and \n Bamford, G.\n (2014), \u201cOperational levels of cyber intelligence\u201d, \n International Journal of Intelligence and Counterintelligence\n , Vol. 27 No. 4, pp. 702-719.","DOI":"10.1080\/08850607.2014.924811"},{"key":"key2020122301473320900_b13","unstructured":"National Initiative for Cybersecurity Careers and Studies (NICCS)\n (2013), \n The National Cybersecurity Workforce Framework\n , DHS, Washington, DC, available at: http:\/\/niccs.us-cert.gov\/training\/tc\/framework\/specialty-areas"},{"key":"key2020122301473320900_b14","unstructured":"Noble, R.\n (2013), \u201cState of the organization address\u201d, 82nd INTERPOL General Assembly Session, Cartagena de Indias, Colombia."},{"key":"key2020122301473320900_b15","unstructured":"Northcutt, S.\n (2011), \u201cThe attack surface problem\u201d, SANS Technology Institute, available at: www.sans.edu\/research\/security-laboratory\/article\/did-attack-surface"},{"key":"key2020122301473320900_b16","unstructured":"Office of the Director of National Intelligence\n (2014), \n The National Intelligence Strategy of the United States of America\n , Office of the Director of National Intelligence, Washington, DC."},{"key":"key2020122301473320900_b18","unstructured":"Red Team Journal\n (2015), \u201cRed teaming and alternative analysis\u201d, available at: http:\/\/redteamjournal.com\/about\/red-teaming-and-alternative-analysis\/"},{"key":"key2020122301473320900_b19","unstructured":"Ross, R.\n (2011a), \u201cNIST special publication 800-30\u201d, \n Guide for Conducting Risk Assessments\n , National Institute of Standards and Technology (NIST), Washington, DC."},{"key":"key2020122301473320900_b20","unstructured":"Ross, R.\n (2011b), \u201cNIST special publication 800-39\u201d, \n Managing Information Security Risk Organization, Mission, and Information Systems View\n , National Institute of Standards and Technology (NIST), Washington, DC."},{"key":"key2020122301473320900_b21","unstructured":"RSA\n (2012), \n Getting Ahead of Advanced Threats\n , RSA, EMC Corporation, Hopkinton, MA."},{"key":"key2020122301473320900_b22","doi-asserted-by":"crossref","unstructured":"Stevens, T.\n (2013), \u201cCyberspace and national security: threats, opportunities, and power in a virtual world\u201d, \n Contemporary Security Policy\n , Vol. 34 No. 1, pp. 254-256.","DOI":"10.1080\/13523260.2013.776801"},{"key":"key2020122301473320900_b17","unstructured":"The Ponemon Institute\n (2013), \n The State of Risk-Based Security Management\n , Ponemon Institute, Traverse City, MI, available at: www.tripwire.com\/ponemon\/2013\/-metrics"},{"key":"key2020122301473320900_b23","unstructured":"The White House\n (2009), \n Cyberspace Policy Review\n , The White House, Washington, DC, available at: www.whitehouse.gov\/assets\/documents\/Cyberspace_Policy_Review_final.pdf"},{"key":"key2020122301473320900_b25","unstructured":"US Department of Defense\n (2011), \n Department of Defense Strategy for Operating in Cyberspace\n , US Department of Defense, Washington, DC."},{"key":"key2020122301473320900_b26","unstructured":"US Government Accountability Office\n (2006), \n Critical Infrastructure Protection: Progress Coordinating Government and Private Sector Efforts Varies by Sectors\u2019 Characteristics\n , US Government Accountability Office, Washington, DC."},{"key":"key2020122301473320900_b27","unstructured":"US Government Accountability Office\n (2013), \n A Better Defined and Implemented National Strategy Is Needed to Address Persistent Challenges\n , US Government Accountability Office, Washington, DC, available at: www.gao.gov\/assets\/660\/652817.pdf"},{"key":"key2020122301473320900_frd1","unstructured":"The White House\n (2008), \n The Comprehensive National Cybersecurity Initiative\n , The White House, Washington, DC, available at: www.whitehouse.gov\/issues\/foreign-policy\/cybersecurity\/national-initiative"}],"container-title":["Information & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/ICS-09-2014-0064","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-09-2014-0064\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-09-2014-0064\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:10Z","timestamp":1753406590000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/23\/3\/317-332\/109567"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,7,13]]},"references-count":27,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2015,7,13]]}},"alternative-id":["10.1108\/ICS-09-2014-0064"],"URL":"https:\/\/doi.org\/10.1108\/ics-09-2014-0064","relation":{},"ISSN":["2056-4961"],"issn-type":[{"value":"2056-4961","type":"print"}],"subject":[],"published":{"date-parts":[[2015,7,13]]}}}