We've built an intelligence-driven security operations program over the years, and would like to impart our wisdom to the security community. There's a lot of formalization and "best practices" out there, but often times we learn that these can be quite unwieldy. I will communicate what we've learned in building a cyber intelligence program with the backdrop of a lot of information available on the subject. At the end of the talk, hopefully you will come away thinking about cyber intelligence in terms of some simple components you can start with, and build from, to gradually evolve into a business-focused operation for your team.