Sector Threat Intelligence

Subscription-based threat intelligence tailored to your sector — for finance, civil protection, and pro-defence.

Three sector briefings

Each briefing written for a specific audience, covering threat vectors and TTPs relevant to that sector.

Financial Sector Threat Brief

Audience: CISO / CIO / Security Director at fintech, banking, payment institutions.

Scope: active ransomware campaigns targeting the sector, phishing kits and social engineering around payment processes, APT activity and TTPs focused on fintech, threat landscape updates under PSD2/PSD3, AMLA, DORA.

FINANCE

Civil Protection Threat Brief

Audience: NGO leadership, civil-protection coordinators, civil-defence organisations.

Scope: influence operations and disinformation campaigns targeting NGOs and the civil-protection sector, hybrid threats (cyber-kinetic), state-sponsored campaigns, OSINT signals from social platforms.

CIVIL PROTECTION

Pro-defence Sector Threat Brief

Audience: defence contractors, dual-use tech companies, pro-defence organisations.

Scope: industrial espionage and defence supply-chain targeting, insider threats and OPSEC failures, threat actor profiles relevant to the defence sector, geopolitical context and emerging threats.

PRO-DEFENCE

What's in a briefing

Weekly or monthly digestible reportsPDF + executive summary, aligned with the organisation's management cycle.
IoCs (Indicators of Compromise)STIX/TAXII as standard format, ready for integration with existing detection stack.
TTPs mapping to MITRE ATT&CKEach finding mapped to specific MITRE ATT&CK techniques and tactics — a shared language for SOC teams.
Custom alerts for high-priority threatsAd-hoc alerts sent immediately upon detection of a critical threat targeting your sector.
Quarterly debrief session with an analyst90-minute executive-level session — trend interpretation, Q&A, priority calibration for the next quarter.

Delivery format

Email subscription — PDF reports, weekly digest + ad-hoc alerts.
Webinar — quarterly executive debrief with an analyst.
Ad-hoc alerts — for high-priority threats, delivered immediately.
Custom SIEM/SOAR feed — STIX/TAXII integration (available in the higher tier).

Related services

We combine sector Threat Intelligence with OSINT investigative and due diligence (deeper analysis for specific use cases) and cyber consulting for social resilience (for clients in the civil-protection sector — counter-disinformation pipeline).

Frequently asked questions

How is Threat Intelligence different from OSINT?

OSINT is a method — open-source intelligence collection. Threat Intelligence is a product — organised briefings with specific audience, cadence, and deliverables. OSINT is one of the main sources for our Threat Intel briefings, but we also add CTI feeds, dark-web monitoring, and our own sensors.

Are the IoCs in automation-friendly format?

Yes, STIX/TAXII as standard. A custom SIEM/SOAR feed is available in the higher subscription tier.

How often are briefings delivered?

As standard, a weekly digest + ad-hoc alerts for high-priority threats. Quarterly debrief session with an analyst (90 min, executive-level).

Inquire about subscription

Free initial conversation — we'll match the briefing and tier to your sector.

Inquire about subscription