Episode 26 — A.5.7–5.8 — Threat intelligence; Security in project management

A.5.7 introduces threat intelligence as a structured capability to collect, analyze, and share information about adversaries, techniques, vulnerabilities, and emerging risks that could affect the organization. For the exam, remember that intelligence must be actionable—timely, relevant, and validated—so it can inform risk assessments, control tuning, and incident readiness. Sources can include commercial feeds, ISAC/ISAO communities, vendor advisories, and internal telemetry; the value lies in analysis, not volume. A.5.8 extends this mindset into project management by requiring that security requirements be planned, resourced, and governed throughout the project lifecycle. Candidates should recognize the through-line: intelligence sharpens understanding of probable threats, and project security ensures designs, suppliers, and deployments incorporate mitigations before risks crystallize.

Operationally, organizations codify intelligence workflows with collection plans, confidence scoring, and defined dissemination paths to patch management, SOC operations, and architecture teams. Intelligence-led change might accelerate patch windows, add detections for a new TTP, or alter supplier due diligence. In projects, gating criteria—security requirements, design reviews, privacy impacts, and pen test exit conditions—are embedded in charters and schedules, with acceptance criteria mapped to risks and policies. Pitfalls include dumping unfiltered feeds on analysts, treating “security in projects” as a checkbox late in delivery, and failing to update requirements when intelligence shifts. Effective programs measure time-to-detect from first advisories, the percentage of projects with completed security gates, and defect escape rates into production. Candidates should be prepared to explain how the two controls reinforce PDCA: intelligence informs plans, projects implement mitigations, monitoring validates outcomes, and lessons learned refine both pipelines.

Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.