Summary

In cybersecurity, understanding the intricacies of intelligence tradecraft can make all the difference. In this insightful interview, cybersecurity expert Aaron Roberts shares his journey from military intelligence to founding Perspective Intelligence. He discusses the evolution of cyber threat intelligence, practical training approaches, the impact of AI, and how to build a successful intelligence function.

Aaron’s path into intelligence started with a fascination for intelligence and a local awareness of GCHQ, the UK’s Government Communications Headquarters. He candidly shares, "I always tell people this story and I don't think anyone believes me, but I used to watch a lot of 24." He recalls, "I was always interested in military history and intelligence services, which guided my career path." This foundational knowledge helped him navigate the complexities of cyber intelligence later on.

After working at GCHQ, Aaron faced a significant decision: stay in public service or explore opportunities in the private sector. He explains, "I thought I was always going to be there for life," but personal circumstances and the evolving cybersecurity landscape prompted him to make a change.

Aaron’s experiences provide valuable insights into cyber threat intelligence (CTI). He emphasizes the importance of adapting to new threats and technologies. "Cybersecurity is an ever-changing landscape, and staying ahead requires constant learning and adaptation," he advises.

One key area Aaron focuses on is Open Source Intelligence (OSINT). He finds it fascinating how the internet can be utilized for intelligence investigations. "Using the internet for intelligence work is incredibly powerful," he states. This approach allows organizations to gather insights that are often overlooked in traditional intelligence methodologies.

In 2021, Aaron published his book on cyber threat intelligence, a project that began during the early days of the COVID-19 lockdown. He shares, "I decided to write a book because there wasn’t much available for non-analysts looking to understand threat intelligence better." The process was both challenging and rewarding, providing him with a platform to share his knowledge and experiences.



Resource

Perspective Intelligence - https://perspectiveintelligence.co.uk/

WannaCry - https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

KASE Scenarios OSINT Training Platform - https://kasescenarios.com/

KASE Scenarios PRoject SandShark - https://kasescenarios.com/project-sandshark

Diamond Model - https://www.threatintel.academy/wp-content/uploads/2020/07/diamond_summary.pdf

Intel architecture mindmap - https://github.com/Errum/IntelArchitectureMap

The cyber threat intelligence book - https://www.amazon.com/Cyber-Threat-Intelligence-No-Nonsense-Security/dp/1484272196

TCM Security SOC 101 - https://academy.tcm-sec.com/p/security-operations-soc-101

Michael Koczwara's Hunting Adversary Infrastructure Training Course - https://academy.intel-ops.io/courses/hunting-adversary-infra

Intel471 Cyber underground Handbook - https://www.intel471.com/cyber-underground-handbook

Admiralty Scale blog post - https://www.sans.org/blog/enhance-your-cyber-threat-intelligence-with-the-admiralty-system/



Chapters

00:00 Introduction to Intelligence Careers

04:21 Transitioning from Government to Private Sector

12:23 Becoming a Published Author

20:37 The Importance of Context in Cyber Intelligence

28:08 Challenges in Open Source Intelligence

36:53 Defining Intelligence: What It Is and Isn't

44:47 Critical Thinking in Intelligence Analysis

51:52 Training and Certifications in Intelligence

59:14 Success Criteria for Intelligence Functions

01:05:07 The Future of Cyber Threat Intelligence

01:11:03 The Role of AI in Intelligence

01:18:18 Advice for Aspiring Intelligence Professionals



PS! This conversation is a compressed edit of an interview Freddy has conducted as part of his PhD research. The interview happened on July 1st, 2025 in London, UK.

Podden och tillhörande omslagsbild på den här sidan tillhör Freddy Murre. Innehållet i podden är skapat av Freddy Murre och inte av, eller tillsammans med, Poddtoppen.