Carnegie Mellon University cmu-wordmark

Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals

SEI Report
By
This report provides a comprehensive overview of how to integrate cyber threat intelligence into cybersecurity mission rehearsals, focusing on planning, assessment, and evaluation.
Publisher

Software Engineering Institute

DOI (Digital Object Identifier)
10.1184/R1/28401335
Topic or Tag

Abstract

Cyber threat intelligence (CTI) plays a crucial role in enhancing defensive capabilities in cybersecurity. However, integrating CTI into mission rehearsals poses significant challenges. This report provides a comprehensive overview of how to integrate CTI into cybersecurity mission rehearsals, focusing on planning, assessment, and evaluation. This report also reviews the existing literature on CTI integration, identifies best practices, and highlights challenges associated with this process.

CTI integration requires time-intensive planning that must be tailored to the training audience’s needs and constraints. This integration also requires clear training objectives, metrics, and evaluation frameworks. Furthermore, throughout CTI integration, challenges (e.g., data quality, tool integration, training) must be addressed.

This report provides recommendations that cyber mission rehearsal developers can use, such as guidance for developing a solid plan, establishing a detailed process, and providing training and support. By conforming with these recommendations, organizations can improve their defensive capabilities and enhance their overall cybersecurity posture. This comprehensive approach to integrating CTI into cybersecurity mission rehearsals can help organizations stay ahead of emerging threats and protect their assets.

SHARE
Download the PDF
Cite This SEI Report

Warren, M., Updyke, D., & Yarger, J. (2026, June 1). Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals. Retrieved June 3, 2026, from https://doi.org/10.1184/R1/28401335.

@techreport{warren_2026,
author={Warren, M. Colleen and Updyke, Dustin and Yarger, John},
title={Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals},
month={{Jun},
year={{2026},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/28401335},
note={Accessed: 2026-Jun-3}
}

Warren, M. Colleen, Dustin Updyke, and John Yarger. "Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals." Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, June 1, 2026. https://doi.org/10.1184/R1/28401335.

M. Warren, D. Updyke, and J. Yarger, "Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, 1-Jun-2026 [Online]. Available: https://doi.org/10.1184/R1/28401335. [Accessed: 3-Jun-2026].

Warren, M. Colleen, Dustin Updyke, and John Yarger. "Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals." Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Jun. 2026. https://doi.org/10.1184/R1/28401335. Accessed 3 Jun. 2026.

Warren, M. Colleen; Updyke, Dustin; & Yarger, John. Integrating Cyber Threat Intelligence into Cyber Mission Rehearsals. Software Engineering Institute. 2026. https://doi.org/10.1184/R1/28401335

Related Links
Crucible and GHOSTS: Enabling Realistic Cyber Simulations
Crucible Software and Supporting Materials
Ask a question about this SEI Report