Intelligence Can be Aligned With Larger Objectives to Improve Decision-Making Beyond the Cybersecurity Domain
Cyber threat intelligence (CTI) has been a growing part of the cybersecurity industry for the past several years. Over-focus on this specific intelligence type may be undercutting the ROI that personnel and technologies used to manage CTI could be providing. Teams and solutions that are built for long-term success in the CTI field are by design capable of providing much greater impact than the current CTI mission is designed to deliver. This means we are spending far too much on technology, personnel, and accesses to constrain these teams to such a small focus. Since these investments can provide enterprise-wide, intelligence-driven security, it may be time to graduate from CTI and move on to “intelligence.”
Let’s consider the term “cyber threat intelligence.” “Cyber” limits us to the digital realm, yet our teams are built on intelligence principles that are equally applicable in the physical world. Additionally, the tools and accesses needed to build a successful team can just as easily be used to address physical security concerns. For instance, if a company has an intruder on its campus or someone who has made threats against an employee, wouldn’t it want to leverage a CTI team’s access to powerful tools and data from threat feed providers? We would want our physical security team to be supported by our CTI team for the express purpose of better understanding the potential risks posed by possible threats, right?
This is a very real example of how a current CTI team could support physical concerns through intelligence collection and reporting, even though this rarely happens. It is time to stop confusing stakeholders with a term that does not properly represent the full value that CTI teams ..
Support the originator by clicking the read the rest link below.
