In the third episode of the Intelligence Tradecraft podcast, Scott Small, the Director of Cyber Threat Intelligence at Tidal Cyber, shares his journey into the field of cyber threat intelligence (CTI), discussing his background, current responsibilities, and the importance of curiosity and empathy in intelligence analysis.
He emphasizes the role of AI and open-source intelligence in enhancing threat detection and response, while also addressing the challenges of implementing threat-informed defense strategies. The discussion highlights the significance of stakeholder engagement, the value of writing in intelligence, and the need for continuous learning and networking within the cybersecurity community.
Takeaways
Curiosity is essential for success in intelligence analysis.
Writing helps clarify thoughts and improve analytical skills.
AI is transforming the landscape of cybersecurity and threat intelligence.
Stakeholder engagement is crucial for effective intelligence sharing.
Open-source intelligence provides valuable insights for threat analysis.
Empathy allows analysts to understand diverse perspectives in intelligence.
Structured analytic techniques enhance the quality of intelligence analysis.
Networking within the cybersecurity community fosters collaboration and learning.
Trustworthy sources are vital for accurate intelligence gathering.
Incident-driven intelligence can lead to proactive security measures.
Resources and references mentioned
- Tidal Cyber website – https://www.tidalcyber.com/
- What are TTPs – https://csrc.nist.gov/glossary/term/tactics_techniques_and_procedures
- Cyber Kill Chain – https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
- Unified Kill Chain – https://www.unifiedkillchain.com/
- my LinkedIn – https://www.linkedin.com/in/fmurre/
- my GitHub – https://github.com/Errum/IntelArchitectureMap
- Katie Nickels – CTI study plan 1 – https://medium.com/katies-five-cents/a-cyber-threat-intelligence-self-study-plan-part-1-968b5a8daf9a
- Katie Nickels – CTI study plan 2 – https://medium.com/katies-five-cents/a-cyber-threat-intelligence-self-study-plan-part-2-d04b7a529d36
- Curated Intel CTI fundamentals – https://github.com/curated-intel/CTI-fundamentals
- Intelligence Tradecraft Structured Analytic Techniques (SAT) training – https://inteltradecraft.com/sat-certifications
- Workshop I teach at FIRST CTI – https://www.first.org/conference/firstcti25/program#pIntelligence-Collection-Planning-Workshop-How-to-Create-A-Plan-that-Synchronizes-Collection-with-Your-Stakeholders-Needs
- NFCERT CTL – https://communication.nfcert.org/hubfs/CTL_Reports/2025%20TLP_CLEAR%20NFCERT%20Cyber%20Threat%20Landscape%20(CTL)%20Report%20v1.0.pdf
This interview was recorded on April 23rd, 2025 during the FIRST CTI Conference in Berlin.