User:V0n57873/Evaluate an Article

Which article are you evaluating?
Cyber Threat Intelligence

Why you have chosen this article to evaluate?
As more cyber threats disable the operational continuance for many critical infrastructure, it is imperative that individuals understand how they can be proactive in protecting their assets. Cyber threat intelligence, provides avenues to understand how and what can be performed to keep information protected and how attacks could exploit data. Not many can explain CTI in layman's terms and therefore I wanted to see the ability in this article.

Evaluate the article
The evaluation consisted of the factual and accuracy on CTI that was represented. Also, in checking actual references that made sense within the topic, where in fact verified and that plagiarism was not evident. The article was well segmented to illustrate why CTI is important, the attacks that are present conflicting harm on business and how CTI is helping mitigate exploitation. the article had sections describing different types of CTI, benefits of CTI and further information on how government entities are pushing entities to share information and data on threats found via various intelligence. The references in the article are relevant and lead to some very good citations to further the understanding of CTI. Further reading is also added in order for the viewer to continue research on the subject. This is a well written article, which can be understood by different levels of readers.

Lead Section

The article clearly describes cyber threat intelligence (CIT) within the first sentence the understanding of threat from a physical and cyber analogy, including the inclusion of threat actors. It goes on to mention how CTI includes ways to help mitigate the attacks. Although the article does discuss CTI in detail within the lead section highlighting strategies and prevention requirements, it does not go into detail on the major sections. The lead section discusses information on threat exploitation percentages and the rise of threat during the Covid pandemic. This was not mentioned further in the article and should have been expanded upon. I found the lead section to be over detailed and some of the information could have been included in following sections. I feel that the section should have included a very high-level approach on what CTI is and how the article will go into detail on main ideas in the major sections.

Content

The article’s content is relevant to CTI, as there are insights on the different types on the topic, tactical, operational, and strategic, which details their importance. I found the content to be a few years old and in CTI, there should be constant updating on changes and new methods in utilizing the methodology. In reading over the article, I found that since CTI is a vast topic, there should have been further insights on the advanced measures used by both attackers and defenders and methodology around how red and blue teams use this information. Also, I would have expanded the CTI conversation into how data is secured against threats in the cloud, storage, and emerging technologies i.e., IoT. The article does not mention or discuss underrepresented populations or topics.

Tone and Balance

I found the CTI article very neutral a it was informing the reader about the technologies and various types that exist. At no point were the writers trying to persuade or seem bias toward the topic. The article was informative and provided key elements around CTI.

Sources and References

Throughout the article, there are various points to consider about CTI. The discussion around government elements affecting the rise of CTI and benefits that the technology could have towards both public and private entities is reinforced by several references. The article provides further links to technologies and threats that can increase the readers awareness and requirements around CTI. I found the references to be very strong in this article, explaining further how the information was collected. Further reading is also provided to increase the readers depth of knowledge on why the topic is important. Sources included blogs, articles and books published over the past 7 years that included various topics included within the CTI ecosystem. The topics varied from understanding CTI to how MSPs are establishing the CTI lifecycle. A key to further CTI is the overall explanation of threat hunting and how this capability allows for a successful operational and tactical thought process around predictively protecting information.

Organization and writing quality

Although the writing quality is done well, I would organize the article so that key elements and benefits around CTI are highlighted after the lead section. The article does present the reader with a flow towards what, why and variables that make the topic important for future use.

Images and Media

Unfortunately, the article did not contain images or media, which could have been used to elevate the readers understanding of CTI. Images would have illustrated the CTI flow from research, defense, prediction, and response to threats.

Talk Page Discussion

Being a new topic to Wikipedia, the talk section was very minimal. It contained two responses from readers who stated that they would like to further on a couple of the sections and wondering what the rules of engagement were in adding information.

Overall Impressions

The article reviewed is a good start to what CTI is however I believe that further information can be included, to educate the reader. CTI has a lifecycle that includes intelligence and security tools that can be used to understand how threats evolve. This includes incident response, security operations, vulnerability management, risk analysis, fraud management and security leadership. Although each are topics on their own, they should be detailed and expanded upon within the CTI article as they provide good insight on the importance of threat intelligence. Although CTI is a relatively new topic within the young cybersecurity environment, it depends on established security topics that should be included within the article, to increase the readers understanding and how they can contribute to data strengthening. Overall, the article was a good start and included many good links to associated technology, however it has a long way to go, being such an important topic to comprehend.