System and method of cyber threat intensity determination and application to cyber threat mitigation

What is claimed is: 1. A security system, comprising: a computer system; a memory accessible to the computer system; a data store comprising a plurality of consensus evaluations and a plurality of cyber threat analyst ratings; and an application stored in the memory that, when executed by the computer system: generates a cyber threat report based on user inputs, wherein the report comprises an identification of a cyber threat intent and the identification of a cyber threat technology, receives from a cyber threat analyst an input of a cyber threat frequency score associated with a set of cyber threat intelligence, an input of a cyber threat likelihood score associated with the set of cyber threat intelligence, and an input of a cyber threat capability score associated with the set of cyber threat intelligence, and generates a cyber threat intensity based on the cyber threat frequency score, based on the cyber threat likelihood score, based on the cyber threat capability score, and based on a cyber threat analyst rating of the plurality of cyber threat analyst ratings stored in the data store, wherein the cyber threat analyst rating indicates at least one accuracy of the cyber threat analyst in scoring at least one of a cyber threat frequency, a cyber threat likelihood, or a cyber threat capability, and wherein the cyber threat intensity is different depending on the cyber threat analyst rating, wherein the cyber threat report and the cyber threat intensity are used to select one or more cyber risk mitigation actions to manage a cyber risk of an enterprise or organization. 2. The system of claim 1 , wherein the cyber threat analyst rating comprises a rating of the analyst's accuracy in scoring the cyber threat frequency, a rating of the analyst's accuracy in scoring the cyber threat likelihood, and a rating of the analyst's accuracy in scoring the cyber threat capability based on the set of cyber threat intelligence. 3. A method of mitigating cybercrime risk, comprising: determining a cyber threat analyst rating based on evaluating a scoring accuracy of a cyber threat analyst to score at least one of a cyber threat frequency, a cyber threat likelihood, and a cyber threat capability based on an evaluation set of cyber threat intelligence, wherein the cyber threat analyst rating indicates at least one accuracy of the cyber threat analyst in scoring the at least one of the cyber threat frequency, the cyber threat likelihood, or the cyber threat capability; receiving, by an application stored in a memory and executable by a processor, from the cyber threat analyst, an input of a cyber threat frequency score associated with a set of cyber threat intelligence, an input of a cyber threat likelihood score associated with the set of cyber threat intelligence, and an input of a cyber threat capability score associated with the set of cyber threat intelligence; determining, by the application, a cyber threat intensity based on the cyber threat frequency score, on the cyber threat likelihood score, and on the cyber threat capability score associated with the set of threat intelligence and based on the cyber threat analyst rating, wherein the cyber threat intensity is different depending on the cyber threat analyst rating; and deploying at least one electronic countermeasure to mitigate a cybercrime risk associated with the set of cyber threat intelligence based at least in part on the cyber threat intensity. 4. The method of claim 3 , wherein the cyber threat analyst rating is determined based on scoring a plurality of independent sets of cyber threat intelligence and averaging a scoring accuracy over the plurality of independent sets of cyber threat intelligence. 5. The method of claim 3 , wherein the cyber threat intensity is expressed as a value and a potential deviation from the value based on the cyber threat analyst rating. 6. The method of claim 3 , wherein the cyber threat capability score is an estimate of a strength of a threat source and a cyber attack tool identified by the set of cyber threat intelligence. 7. The method of claim 3 , wherein the cyber threat likelihood score is an estimate of a probability that a cyber threat identified by the set of cyber threat intelligence can succeed in actualizing its threat intent. 8. The method of claim 3 , further comprising: generating at least one standard score, wherein the cyber threat analyst rating is determined by comparing at least one score of the threat analyst to the at least one standard score. 9. The method of claim 8 , wherein the cyber threat analyst rating is expressed as a deviation from the at least one standard score. 10. The method of claim 3 , further comprising: determining a second cyber threat intensity based in part on deploying the at least one electronic countermeasure. 11. The method of claim 10 , wherein the second cyber threat intensity is determined partly based on determining a second cyber threat frequency score, on determining a second cyber threat likelihood score, and on determining a second cyber threat capability score based on deploying the at least one electronic countermeasure and on the set of cyber threat intelligence. 12. A security system, comprising: a computer system; a memory accessible to the computer system; and an application stored in the memory that, when executed by the computer system: accesses a cyber threat report including a cyber threat assessment generated by a cyber threat analyst, the cyber threat assessment including, for each of a plurality of identified cyber threats, one or more quantified components each comprising a score determined by the cyber threat analyst, the cyber threats potentially actualized as cyber attacks against any of a plurality of organizations; generates an evaluation of the cyber threats based on the cyber threat assessment and based on a cyber threat analyst rating of the cyber threat analyst accessed from a data store, wherein the cyber threat analyst rating indicates at least one accuracy of the cyber threat analyst in assessing the cyber threats, and wherein the evaluation of the cyber threats is different depending on the cyber threat analyst rating; and generates a cyber threat risk to an organization of the plurality of organizations based on the evaluation of the cyber threats and based on technology deployed by the organization, the cyber threat risk being provided by the application for use in selecting one or more cyber risk mitigation actions to manage the cyber risk of the organization. 13. The system of claim 12 , wherein the evaluation of the cyber threats is determined by the application based on one or more quantified components comprising one or more cyber threat scores including one or more of a cyber threat frequency score, a cyber threat likelihood score, and a cyber threat capability score. 14. The system of claim 12 , further comprising a cyber threat analyst calibration application stored in the memory that, when executed by the computer system: receives, via user input from the cyber threat analyst, one or more scores for a standard set of threat intelligence packages, wherein the one or more scores for each threat intelligence package of the standard set of threat intelligence packages comprises one or more of a cyber threat frequency score for the threat intelligence package, a cyber threat likelihood score for the threat intelligence package, and a cyber threat capability score for the threat intelligence package; and compares the one or more scores for each threat intelligence package of the standard set of threat intelligence packages to one or more standard scor