Tactical (SOC level)
  IOCs (Indicators of Compromise: with context, ranked)
  IOAs (Indicators of Attack)
  Improve detection
  What are the indicators?
    Malware
    Infrastructure
Operational (threat hunting level)
  Adversarial capabilities
  Victimology
    Who/where are the targets?
    Sectors
  Connecting past attacks
    Who/why/how
    How often?
    Who is targeted?
    Common attributes
  Threats
    Threat hunting: retroactively searching for the artifacts an adversary is expected to leave
  Example: TTPs (Tactics, Techniques, and Procedures) and IOCs with more context
Strategic (C-suite level)
  High-level trends
  Emerging risks
  Strategic decisions
  Who has the means, motive, and opportunity?