This document discusses how to create targeted threat intelligence feeds for a specific industry. It recommends researching advanced persistent threat (APT) groups that target the industry and mapping their tactics and techniques using MITRE ATT&CK. Highest scoring techniques are identified and log sources examined to determine gaps. Tags for the techniques are searched in MISP to produce a weighted threat feed, which can be enriched and exported to a security information and event management (SIEM) system. Automation using APIs and code is also suggested.