The IT Law Wiki


Cyber threat information is

[i]nformation (e.g., indications, tactics, techniques, procedures, behaviors, motives, adversaries, targets, vulnerabilities, courses of action, or warnings) regarding an adversary, their intentions, or actions against information technology or operational technology systems.[1]
any information that can help an organization to identify, assess, monitor, and respond to cyber-threats. Examples of cyber-threat information include indicators (system artifacts or observables associated with an attack), TTPs, security alerts, threat intelligence reports, and recommended security tool configurations.[2]


  1. NIST Special Publication 800-150, at 59.
  2. Cyber-Threat Intelligence and Information Sharing, at 1.

See also[]