Request a Demo

The Noggin Platform

The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.

Learn More
Integrations
Library
Emergency Management
Emergency Management

Emergency management software.

Crisis management
Crisis Management

Crisis management software.

Business Continuity & Resilience
Business Continuity & Resilience

Business Continuity & Operational Resilience software.

Work Safety
Work Safety

Safety management software.

operational security
Security Management

Operational security management software.

Find Your Solution
  • Crisis management Crisis Management
  • Emergency Management Emergency Management
Crisis management

Crisis Management

Apply best practices to plan for, respond to, and manage critical events and exercises. Built on ISO standards, you can respond faster with better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, to ensure better incident response, decision-making, and continuous improvement.

Learn More
Request a Demo
Featured Modules
  • Incident Response Plans & Checklists
  • Critical Infrastructure Protection
  • Welfare Checks
  • Continuous Improvement
Emergency Management

Emergency Management

All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.

Learn More
Request a Demo
Featured Modules
  • Security Threat Assessment
  • Incident Management
  • Planned Events
  • Lone Worker Management
  • Safety Management Safety Management
  • Employee Health & Wellbeing Employee Health & Wellbeing
  • Governance Risk & Compliance Governance, Risk & Compliance (GRC)
  • Asset Management Asset Management
  • Contractor Management Contractor Management
  • Visitor Management Visitor Management
  • Emergency Management Emergency Management
Safety Management

Safety Management

All the tools needed to automate your safety management system in one easy-to-use platform, following ISO standards. Increase efficiency with powerful automation capabilities and provide real time insights to all levels of your business. Configurable notifications, workflows, analytics, and mapping empower your safety personnel to make better decisions wherever they are.

Learn More
Request a Demo
Featured Modules
  • Incident Management
  • Injury Management
  • Online Inductions
  • Reporting & Analytics
Employee Health & Wellbeing

Employee Health & Wellbeing

Maintain a comprehensive view of the wellbeing of your workers, their needs, and the wellbeing initiatives conducted in your organization. Through various assessments, checks, analytics, and resources you can easily manage both the physical and mental wellbeing of personnel across various locations and programs.

Learn More
Request a Demo
Featured Modules
  • Wellbeing Reporting
  • Ergonomic Assessment
  • Vaccination Management
Governance Risk & Compliance

Governance, Risk & Compliance

A suite of tools to collect risk data from across your organziation from a range of stakeholders, in real time, and based on ISO standards. Fully customisable, with everything from a simple pre-task assessment though to an organisational risk register, we make it easy to capture risk data and provide the analytics to derive rich insights, to keep your organisation safe and compliant.

Learn More
Request a Demo
Featured Modules
  • Audits
  • Inspections
  • Take 5
  • Standards Compliance
Asset Management

Asset Management

Track all your assets from your vehicle fleet, fixed or mobile plant and equipment though to your critical infrastructure using our range of tools. Plan maintenance ahead of time and by collecting lead indicator data from checklists and assessments on any mobile device, then enable users to update the status of your assets to track utilisation, share documentation and report issues.

Learn More
Request a Demo
Featured Modules
  • Asset assessments & checklists
  • Workorder Management
  • Planned Maintenance
  • Asset Status Tracking
Contractor Management

Contractor Management

Save time and money by enabling contractors to self-register and progress through a customizable workflow, to check documentation before becoming an approved contractor. Contractors can then be automatically followed up using workflows and notifications to keep their organziation compliant.

Learn More
Request a Demo
Featured Modules
  • Contractor Entities
  • Contractor Workers
  • Contractor Plant
Visitor Management

Visitor Management

Streamline visitor sign-in using a QR code on a form tailored for your organisation. Visitors can complete inductions, answer questions and acknowledge content then have notifications triggered to their host based on their responses. Once on site, manage visitor cards, broadcast notifications and understand visitor trends to optimise your processes.

Learn More
Request a Demo
Featured Modules
  • Visitor Registration (QR Code)
  • COVID Management
  • Emergency Notifications
  • Host Notifications
Emergency Management

Emergency Management

All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.

Learn More
Request a Demo
Featured Modules
  • Featured Modules:
    Situational Awareness & Reporting
  • Incident & Special Event Pre-Planning
  • Damage Assessments
  • Exercise Management
  • Physical Security Physical Security
  • Cyber Security Cyber Security
  • Visitor Management Visitor Management
  • Critical Infrastructure Protection Critical Infrastructure Protection
  • Emergency Management Emergency Management
  • Governance Risk & Compliance Governance, Risk & Compliance
  • Asset Management Asset Management
  • Contractor Management Contractor Management
Physical Security

Physical Security

Proactively manage all aspects of physical security operations from anywhere, on any device. Based on ISO standards, streamline your operations using workflow automations to guide information capture, enrichment, follow up tasks, and notifications. Validate threats and risks to drive better investment of your resources.

Learn More
Request a Demo
Featured Modules
  • Cyber Threats & Treatments
  • Standards Compliance
  • Audits & Inspections
  • Compliance Obligations & Breaches
Cyber Security

Cyber Security

Manage cyber threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions, and drive continual improvement review cycles.

Learn More
Request a Demo
Featured Modules
  • Cyber Threats & Treatments
  • Standards Compliance
  • Audits & Inspections
  • Compliance Obligations & Breaches
Visitor Management

Visitor Management

Streamline visitor sign-in using a QR code on a form tailored for your organisation. Visitors can complete inductions, answer questions and acknowledge content then have notifications triggered to their host based on their responses. Once on site, manage visitor cards, broadcast notifications and understand visitor trends to optimise your processes.

Learn More
Request a Demo
Featured Modules
  • Visitor Registration (QR Code)
  • COVID Management
  • Emergency Notifications
  • Host Notifications
Critical Infrastructure Protection

Critical Infrastructure Protection

Consolidate the threat and risk picture across all your assets, easily demonstrate compliance with security obligations, and gain an ‘all threats’ perspective encompassing physical, cyber, personnel and supply chain. Address and manage cyber threats without having to implement costly new ICT systems and drive continuous improvement and review cycles.

Learn More
Request a Demo
Featured Modules
  • Risk & Threat Assessments
  • Security Inspections
  • Crowded Place & Impact Assessments
Emergency Management

Emergency Management

All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.

Learn More
Request a Demo
Featured Modules
  • Situational Awareness & Reporting
  • Incident & Special Event Pre-Planning
  • Damage Assessments
  • Exercise Management
Governance Risk & Compliance

Governance, Risk & Compliance

Manage cyber, emergency and security threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions and drive continual improvement review cycles.

Learn More
Request a Demo
Featured Modules
  • Cyber Threats & Assessments
  • Standards Compliance
  • Audits & Inspections
  • Compliance Obligations & Breaches
Asset Management

Asset Management

Track all your assets from your vehicle fleet, fixed or mobile plant and equipment though to your critical infrastructure using our range of tools. Plan maintenance ahead of time and by collecting lead indicator data from checklists and assessments on any mobile device, then enable users to update the status of your assets to track utilization, share documentation and report issues.

Learn More
Request a Demo
Featured Modules
  • Asset assessments & checklists
  • Workorder Management
  • Planned Maintenance
  • Asset Status Tracking
Contractor Management

Contractor Management

Save time and money by enabling contractors to self-register and progress through a customizable workflow, to check documentation before becoming an approved contractor. Contractors can then be automatically followed up using workflows and notifications to keep their organziation compliant.

Learn More
Request a Demo
Featured Modules
  • Contractor Registration
  • Permit to Work
  • Work Orders
  • Contractor Self-Administration
  • Business Continuity Planning Business Continuity Planning
  • Crisis Management Crisis Management
  • Governance Risk & Compliance Governance, Risk & Compliance (GRC)
  • Continuity of Operations Continuity of Operations (COOP)
Business Continuity Planning

Business Continuity Planning

Follow ISO standard approaches to determine disruption impacts and develop plans & recovery strategies to address risks. Track gaps, dependencies and tests, capture exercises, and manage insurance details. Scale up to any incident and back down to business as usual as quickly as possible and drive continuous improvement.

Learn More
Request a Demo
Featured Modules
  • Business Impact Assessments
  • Incident & Exercise Management
  • Recovery Strategy Tracking
  • Continuity of Operations (COOP)
Crisis Management

Crisis Management

Apply best practices to plan for, respond to, and manage critical events and exercises. Built on ISO standards, you can respond faster with better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, to ensure better incident response, decision-making, and continuous improvement.

Learn More
Request a Demo
Featured Modules
  • Incident Response Plans & Checklists
  • Critical Infrastructure Protection
  • Welfare Checks
  • Continuous Improvement
Governance Risk & Compliance

Governance, Risk & Compliance

Manage cyber, emergency and security threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions and drive continual improvement review cycles.

Learn More
Request a Demo
Featured Modules
  • Cyber Threats & Treatments
  • Standards Compliance
  • Audits & Inspections
  • Compliance Obligations & Breaches
Continuity of Operations

Continuity of Operations (COOP)

Ensure preparedness across your organisation. Conduct business impact assessments and quickly identify essential functions. Assess hazard and threat risks. Identify technology, assets, facilities, and critical personnel. Gather and assemble essential information and documents. Develop, test and maintain your COOP plans. From readiness and preparedness to reconstitution, manage all four phases of the Continuity of Operations Plan to minimize business loss and disruption.

Learn More
Request a Demo
Featured Modules
  • Business Impact Assessments
  • Threat & Hazard Identification
  • Continuity of Operations Plans Management
  • Testing, Training & Exercises
Resource 4
Whitepaper

A Comprehensive Guide to Understanding ISO45001

Access the Guide

Who We Are

The world’s leading platform for integrated safety & security management.

Learn More

Six Stages of the Threat Intelligence Lifecycle

As the cyber threat intensifies, businesses have become ever more reliant on threat intelligence, or threat information that’s been aggregated, transformed, analyzed, interpreted, or enriched. Of course, that process of turning threat information into the intelligence necessary for decision making isn’t static.

What’s the threat intelligence lifecycle all about? Read on to learn the six stages of the threat intelligence lifecycle.

What is the threat intelligence lifecycle?

For starters, the threat intelligence lifecycle is meant to be an ongoing process. Not a standalone process, either, the lifecycle should be part of an organization’s larger cybersecurity strategy, as well.

But what is the threat intelligence lifecycle, exactly?

Well, in its simplest terms, the threat intelligence lifecycle is the end-to-end cyber security and resilience process of (a) first procuring evidence-based intelligence about potential cyber threats, (b) then leveraging that information to build best-practice cyber defenses around your digital estate, (c) responding proactively to attacks before they become major cyber incidents, and finally(d) investigating how successful attacks happened to improve cyber resilience going forward.

The stages of the threat intelligence lifecycle

What does it comprise, though? The threat intelligence lifecycle itself consists of the following six stages:

1. Direction

In the direction phase, organizations determine which threats to focus on. This involves assessing the risk that different threats pose to an organization and prioritizing threats that are most serious.

Here, the most actionable threat intelligence is highly focused on specific events or activities. Organizations use a variety of different methodologies to determine which threats to focus on; they include:

  • Threat risk assessments. Threat risk assessments involve assessing the likelihood and impact of a threat happening. This information can be used to create a risk profile for an organization and determine which threats are serious.
  • Threat prioritization matrices. Threat prioritization matrices are used to compare different threats against each other to determine which ones are most important.  
  • Threat severity ratings. Threat severity ratings are used to measure how severe a threat is and determine how much attention it requires.

2. Information Collection

The collection phase of the threat intelligence lifecycle involves gathering information about threats. This can be done through open-source intelligence (OSINT), network scanning, consulting subject matter experts, and/or any other method. OSINT, for example, is the process of collecting information from publicly available sources, e.g., social media, news reports, blogs, and websites. Meanwhile, network scanning entails using tools to identify hosts and services on a network.

3. Organizing & Analyzing Collected Information

This phase of the threat intelligence lifecycle is all about organizing and analyzing collected information, which involves sorting through data, identifying patterns, and extracting meaning from it. Data mining, data analysis, and threat modeling are the most common methods employed during this stage. However, information yielded at this stage, whatever the methodologies used to acquire it, should be used to create mitigation plans and make decisions about security controls.

4. Transform Data into Intelligence

In this phase of the threat intelligence lifecycle, data is transformed into intelligence, at which time professionals review the collected information in security management software platforms, distilling it into actionable intelligence.

5. Intelligence Sharing

This phase is all about sharing intelligence with relevant stakeholders, be they partners, regulators, customers, etc. The best-practice for the presentation of analysis at this stage is contextually tailoring your work product (often a technical report) based on the technical experience of the audience in question.

6. Feedback & Continuous Improvement

The final feedback stage involves receiving feedback on the provided report to determine whether adjustments should be made to future threat intelligence priorities. Indeed, priorities might change, or the disseminated report might raise new questions that need to be addressed in the next report.

As layered as this threat intelligence lifecycle is, however, it should always be considered part of the company’s larger cyber security strategy.

Now, what’s the point of that strategy? A cyber security strategy should help an organization eliminate the potential risks and costs of an attack as well as build cyber resilience in the process. For more on cyber resilience and the digital strategies and tools needed to build and maintain it, download our Introductory Guide to Cyber Resilience.

Noggin - Guide - What is Cyber Resilience

 

About this Article

The Author