How You Can Write Better Threat Reports

Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences?

I'm happy to share what I've learned over the years about writing effective threat reports in the following 36-minute video. These tips draw upon the advice I share in my Cybersecurity Writing course, which you can take online from SANS Institute.

In addition, to help you decide what information the readers of your threat reports want to see, I prepared a Rating Sheet for the Right Information: Threat Reports. You can use it as a checklist to make sure you've included the necessary details about the threat in your reports.


About the Author

I transform ideas into successful outcomes, building on my 25 years of experience in cybersecurity. As the CISO at Axonius, I lead the security program to earn customers' trust. I'm also a Faculty Fellow at SANS Institute, where I author and deliver training for incident responders. The diversity of cybersecurity roles I've held over the years and the accumulated expertise, allow me to create practical solutions that drive business growth.

Learn more