Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences?

I’m happy to share what I’ve learned over the years about writing effective threat reports in the following 36-minute video. These tips draw upon the advice I share in my Cybersecurity Writing course, which you can take online from SANS Institute.

In addition, to help you decide what information the readers of your threat reports want to see, I prepared a Rating Sheet for the Right Information: Threat Reports. You can use it as a checklist to make sure you’ve included the necessary details about the threat in your reports.

Updated July 1, 2020

About the Author

Lenny Zeltser develops teams, products, and programs that use information security to achieve business results. He is presently the CISO at Axonius and an author and instructor at SANS Institute. Over the past two decades, Lenny has been leading efforts to establish resilient security practices and solve hard security problems. As a respected author and speaker, he has been advancing cybersecurity tradecraft and contributing to the community. His insights build upon 20 years of real-world experiences, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more