Cyber Threat Intelligence - Service Description


Service Category - Threat Intelligence

Availability Status - Now

The effective mitigation of cyber risk, depends on, not only reducing the likelihood of incidents through preventative controls, but also uplifting situational awareness through detective and predictive measures. It is important for organisations to understand the threats they face, their capabilities and associated risks.

Cyber Threat Intelligence (CTI) is evidence-based knowledge about an existing or emerging threat or hazard which enables informed decision-making on how to respond to a cyber threat or hazard. CTI can provide Queensland Government agencies with a timely, relevant and actionable view of what assets are likely to be targeted, by which threat actors and through which means.

The Queensland Government CTI capability is underpinned by the following key processes:

CTI Process Diagram

Business Benefits
  • Detection and remediation of cyber security vulnerabilities before a cyber-attack results in disruption of business operations and potential reputational damage to an organisation.
  • Enhanced CTI sharing can reduce the frequency, impact and overall cost of cyber security incidents.
  • Establishing CTI capabilities within Queensland Government will reduce cyber risks, uplift cyber risk maturity, and help defend Queensland’s interests.
Government Benefits

Utilising this service will help to enable QG organisations to meet their obligations as specified under the Information Security Policy (IS18:2018) and improve cyber security maturity.

Technical Benefits
  • Establishing a central CTI capability will allow for rapid ‘inoculation’ of Queensland Government information systems against emerging threats.
  • Reduction in cyber security incidents and their impacts.
  • Increased incident detection:
    • Data breaches
    • Malware / trojan infections
    • Phishing / spear-phishing
    • Denial of service attacks
    • Crypto-mining malware.

Eligibility and Funding

Entity Type

Eligibility

Cost

Queensland Government Agencies

Eligible

No Cost

Statutory Bodies

Eligible

No Cost

Local Government

Eligible

No Cost

Government Owned Corporation (GOC)

Eligible

No Cost

Related Services

Office 365 Monitoring and Response Service (Sentinel)

QGCDG has deployed a whole of Queensland Government (WoQG) O365 security monitoring capability based on the Microsoft Sentinel platform. The service enables security alerts from multiple tenancies to be consolidated and monitored by a central team of cyber security analysts with a goal of turning detection in one tenancy into protection in all tenancies.

Vulnerability Management CoP

The Vulnerability Management Community of Practice (CoP) consists of an organised group of ICT professionals from Queensland Government agencies who meet on a regular basis to collaborate and share information, improve their cyber security skills, and actively work on advancing their general knowledge of Vulnerability Management.

Service Provisioning

Please complete the Cyber Threat Intelligence service application Form to commence onboarding or view the CTI Implementation and Support resources for more detailed information about this service. Alternatively, contact your Cyber Security Unit representative at CyberSecurityUnit@chde.qld.gov.au to discuss how we can assist you.

Partnership Arrangement

The Cyber Security Unit Partnership Arrangement details the collaborative approach between the CSU and the Client to promote the uptake of Cyber Security Services with the aim of increasing the protection of the Queensland Government information systems from cyber security threats.


Last Reviewed: 01 April 2022