Cyber Threat Management is largely ineffective in most organizations. This is evident in the numerous large-scale data breaches being announced almost daily. We believe several things are needed to enable effective Cyber Threat Management (CTM):
- The existing training and education resources aren't keeping up with today's global cyber threats. These training organizations are already stretched thin and now are scrambling to offer "Cyber Security" or "Continuous Monitoring" courses. These organizations failed to prepare professionals for today's cyber threats so why trust them now? The IOCTM focuses only on Cyber Threat Management providing the specialized training and educational resources needed to prepare the next generation of cyber threat management professionals.
- There is no widely accepted common methodology or process for CTM. Speed and agility are critical for effective CTM and therefore a cohesive practice framework is needed. The IOCTM defines a widely accepted framework and benchmarks for CTM while helping professionals grow their careers as Cyber Threat professionals through education, training and knowledge sharing.
- There are many professionals performing CTM but are disconnected from the overall program. Often this is because an overall program has not been defined within their organization. The IOCTM connects current and future CTM practitioners including SIEM administrators, forensics investigators, SOC analyst, and other professionals that may have been otherwise lumped into obscure job roles in generic information security departments.
- There is very little vendor agnostic training and educational resources for CTM professionals. Most have to rely on vendor training and collaboration through intelligence groups to hone their craft. IOCTM provides training, information sharing and other resources to Cyber Threat practitioners.