After months of preparation and hard work, the first version of the CTI Capability Maturity Model (CTI-CMM) is live. This model complements existing frameworks by offering a unique, use case-driven approach that ties CTI practices directly to business and risk outcomes with a stakeholder-focused perspective.
As the first full release, it includes future plans for additions such as the Fraud domain, metrics and measurement, and tools. Developed from the ground up by over 30 intelligence professionals with extensive experience in creating hundreds of cyber threat intelligence programs, this model is designed to benefit all organizations. It supports emerging CTI functions with practices at foundational, advanced, and leading levels, empowering even the most advanced programs. Organizations are encouraged to start by preparing and assessing specific stakeholders, domains, and maturity levels to fully leverage the model's potential.
CTI-CMM prioritizes delivering value to stakeholders—the decision-makers who protect your organization. It focuses on building capabilities that solve their problems and create enduring benefits.
CTI-CMM aligns CTI practices with stakeholder maturity levels, bridging gaps and maximizing the potential of your CTI program by meeting specific expectations.
Developed by a diverse volunteer group of industry experts from various sectors and geographies, CTI-CMM leverages extensive experience in building and leading CTI programs at both tactical and strategic levels.
- Complementary Model: Works alongside existing models like CREST, Eclectic, Google, and others.
- Use Case-Driven: Ties CTI practices to business and risk outcomes with a stakeholder-focused approach.
- Comprehensive: The first full release includes future enhancements like the Fraud domain, metrics, and tools.
- Expert Contributions: Contributions from over 30 intelligence professionals globally, with experience in building hundreds of CTI programs.
- Universal Benefit: Applicable to all organizations, offering practices for foundational, advanced, and leading levels, empowering even the most advanced CTI functions.
CTI-CMM distinguishes itself from other cybersecurity maturity models (C2M2, CMMC, NIST) by focusing on Cyber Intelligence and Cyber Threat Intelligence practices. It aligns with C2M2 to define outcome-focused Cyber Intelligence programs.
Organizations are encouraged to assess and prepare specific stakeholders, domains, and maturity levels to fully benefit from CTI-CMM.
A big part of our approach is feedback & improvement. For the moment, there are two ways of sharing your feedback with us.
EMAIL: Use the email form on https://cti-cmm.org/
GITHUB: Use the Discussion feature on Github and/or raise an Issue.
Let us know what you think!
Cheers!