Institute of Cyber Threat Management

Cyber Threat Management Framework (CTMF) Project

OODA loop

CTMF Benefits

The cyber threat landscape continues to evolve fast. It is clear most don't have a good strategy to manage these threats. The CTMF is like a blueprint for successfully managing cyber threats including how to organize the efforts, best practices, and state of the art techniques.

The key benefits of CTMF are:

  • Early detection of threats
  • Instant recognition of potential impact
  • Faster decision for expedient, damage limiting actions

CTMF Overview

CTMF is a comprehensive framework

build upon the OODA (Observe, Orient,

Decide, Act) decision cycle that enables

cyber threat management with the 

speed and agility needed in today's

real-time dynamic threat environment.


Detect use case development

Content architecture

Use case optimization

Use case control testing

Honeypot development

Sensor data

Use case cost modeling


Intelligence gathering

Intelligence data mining

Risk assessment

Control assessment

Behavior modeling

Context enrichment

Threat data warehousing

Security Data Science


Situational awareness

Automated triage

Security analyst  (human) triage


Malware Analysis

Automating responses

Incidents Response

Response operations

Security Operations Center

Volunteer Opportunities

We are excited to be developing the world’s first independent framework for CTM and this is a true ground floor opportunity for experienced professionals to take part in the success of IOCTM. We are looking to add industry professionals with demonstrated expertise in major subject matter areas of CTM including:

  • Intelligence research and gathering
  • Automating intelligence data management
  • Threat intel exchange and information standards STIX, TAXII
  • Data management constructs CybOX, MAEC, CAPEC and CPE
  • Asset management in the context of prioritizing and categorizing threats
  • Advanced SIEM use cases for operationalizing the management of threat data, mapping them to business rules
  • Security Intelligence – using Bigdata analytics, behavioral profiling and other data science techniques to discover threats from ordinary system or operational data
  • Manual and automated end-point and network forensics
  • Incident Response including automating IR and automating response
  • Malware analysis including setting up automated analysis environments based on commercial or open source tools such as Cuckoo sandbox
  • Secure Operations Center (SOC) analysts, management and support personnel
  • Threat management metrics, VERIS, Cyber Kill Chain, etc.

We are currently forming the CTMF working group. Please join us if you'd like to get involved or access related content.

Email: memberadmin at

Privacy and Security

Copyright © 2015 IOCTM, Inc. All rights reserved.

Powered by Wild Apricot. Try our all-in-one platform for easy membership management