The tactical level of a cyber intel program begins with the collaboration of the IT and InfoSec leadership:
- IT service managers
- Security operations managers
- Security managers
At this level, leaders should do the following:
- Support the identification of critical information, systems, or technology
- Report the threats and vulnerabilities to the enterprise
- Provide support to leadership to make a risk-based decision on information to reduce threats and vulnerabilities
- Support the development and enforcement of policy and procedures that are in line with business objectives