In 2010 Gartner espoused that applied security (Signals) intelligence was no longer an option for companies.
I called the analyst on this not because I thought he was wrong, on the contrary, because I thought they should swing for the fences a little bit more readily!
Signals intelligence is a great and useful tool if you can get it with valid and clean data; that’s a big if given the lack of ‘connectedness' between all of the logs in an organization and the difficulty in processing all this information without having your own Intel team.
My point to Gartner was more that Signals Intel is only half of the mystery; the other component for corporations is Human Intel.
Now, many of my contemporaries will no doubt argue that companies can’t afford security intelligence teams, much less ‘Humint’ programs. I am here to tell you its time you all stepped up to the big table and starting prioritizing threats.
If you can accurately identify which threats are really risks for your organization you can do a few important things:
- Optimize security spend to those things that are truly highest risk
- Aid the business in acting boldly in decision making in areas where the risk is actually lower or in areas where security investment is high.
- Make security a strategic competitive advantage for your firm
- Create real executive briefing information in terms of what it means to your company, not just explain what CNN said last night
Only when you combine Signals and Human Intel over a sustained period of time, can you really begin to be sure when answering leadership’s question…How do you know we are spending our money on the right things?