The IT Law Wiki
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cloud computing
Radio frequency spectrum
RFID tag
Information environment
E-mail
Address box
Cyberspace
Newly Changed Pages
Black hat SEO
Revenge porn
Pornography
Generative AI pornography
Deep fake
Domain Name and Addressing System
Laws Relating to Filtering, Blocking and Usage Policies in Schools and Libraries
Most Popular Pages
community
Community portal
forum
FANDOM
Fan Central
BETA
Games
Anime
Movies
TV
Video
Wikis
Explore Wikis
Community Central
Start a Wiki
Don't have an account?
Register
Sign In
Start a Wiki
Sign In
Don't have an account?
Register
Sign In
The IT Law Wiki
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cloud computing
Radio frequency spectrum
RFID tag
Information environment
E-mail
Address box
Cyberspace
Newly Changed Pages
Black hat SEO
Revenge porn
Pornography
Generative AI pornography
Deep fake
Domain Name and Addressing System
Laws Relating to Filtering, Blocking and Usage Policies in Schools and Libraries
Most Popular Pages
community
Community portal
forum
Sign In
Don't have an account?
Register
Sign In
Explore
Fan Central
Current
Sign In
Register
The IT Law Wiki
34,539
pages
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cloud computing
Radio frequency spectrum
RFID tag
Information environment
E-mail
Address box
Cyberspace
Newly Changed Pages
Black hat SEO
Revenge porn
Pornography
Generative AI pornography
Deep fake
Domain Name and Addressing System
Laws Relating to Filtering, Blocking and Usage Policies in Schools and Libraries
Most Popular Pages
community
Community portal
forum
in:
Definition
,
Cybersecurity
Cyber threat indicator
Sign in to edit
History
Talk (0)
Definition
[
]
A
cyber threat indicator
(
CTI
) is
“
information
that is necessary to describe or identify —
(A)
malicious
reconnaissance
, including anomalous patterns of
communications
that appear to be
transmitted
for the purpose of gathering
technical information
related to a
cybersecurity threat
or
security vulnerability
;
(B) a method of defeating a
security control
or
exploitation
of a
security vulnerability
;
(C) a
security vulnerability
, including anomalous activity that appears to indicate the existence of a
security vulnerability
;
(D) a method of causing a
user
with legitimate
access
to an
information system
or
information
that is
stored
on,
processed
by, or
transiting
an
information system
to unwittingly enable the defeat of a
security control
or
exploitation
of a
security vulnerability
;
(E)
malicious
cyber
command and control
;
(F) the actual or potential harm caused by an
incident
, including a description of the
information
exfiltrated
as a result of a particular
cybersecurity threat
;
(G) any other
attribute
of a
cybersecurity threat
, if
disclosure
of such
attribute
is not otherwise prohibited by law; or
(H) any combination thereof.
[1]
”
References
[
]
↑
Privacy and Civil Liberties Interim Guidelines: Cybersecurity Information Sharing Act of 2015
, at 15-16.
Follow on IG
TikTok
Join Fan Lab