Please describe in details
Do you have method and process to share IOC across the organization?
Are Information sharing threat intelligence sources are used?
Do you maintain a cyber threat hunting capability to search for indicators of compromise in organizational systems and detect, track, and disrupt threats that evade existing controls.
Do you have method and capability to detect IOC in your network?