In this chapter, we had a high-level review of the F3EAD process and its application in military special forces. To better understand how the F3EAD process fits into the bigger picture, we worked from the top down using the concepts that have been discussed in previous chapters. The F3EAD can be thought of as a variant and/or subprocess within the intelligence cycle that takes its inputs from Tactical Level collection priorities and outputs to the Tactical Level analysis step. As the Cyber Kill Chain is an example of the steps that are required to exploit an organization from an adversary's perspective, we've mapped these steps to the OODA loop to visualize the decision-making process. From there, we've related the phases of the Cyber Kill Chain to OPSEC and put into context how the intelligence cycle maps to how we can establish countermeasures. Next, we've learned how F3EAD fuels the tactical and strategic intel process cycle by providing information that is required for analysis from the operational level.

The next few chapters are going to be talking about how we can better implement specific information that we get from tools. The specific information that we are looking for comes from specialized teams, thus different disciplines of intelligence. Because there are different types of intelligence, we will introduce examples of Capability Maturity Models with milestones for each of the teams to meet a strategic target capability. 

First up, is understanding how we incorporate cyber threat intelligence into the enterprise's operations.