With financial pressure falling on business leaders, cutting costs can be necessary for survival. Being understaffed and ignoring critical business operations is not an option, particularly with security and intelligence. With security and intelligence investments tied up in expensive technology and resources, leaders know they must evaluate alternatives to advance operations and mitigate risk. However, the “firehose of noise” delivered by intelligence products obscures intelligence’s value and overwhelms security teams with meaningless alerts. It’s time for security leaders to consider managed services for their threat intelligence needs.

Managed services have a history of well-executed delivery while providing cost savings and flexibility. Unsurprisingly, managed services adoption grew roughly 60% faster from 2008-2010 than in years prior. During these periods of economic challenges, particularly for regulated industries, managed services enabled security teams to harden their defenses despite financial constraints. Managed service providers (MSPs) filled a critical need by providing technology, IT expertise, and resources as a service. Not only did businesses upgrade expertise, technology and tools, but they reduced upfront costs and capital expenditures (CAPEX) in exchange for committing to a sustainable contract with their MSP.

Threat intelligence is sometimes considered easier to cut than other aspects of cybersecurity. “Outside the firewall” collection gaps, lack of defined organization-specific requirements, insufficient client-specific intelligence and difficulty in procuring talent internally make the nature of intelligence work challenging. Further, the “firehose of data noise” often leads to alerts that overwhelm stakeholders such as a SOC.

However, geopolitical conflict and economic turbulence are interconnected, particularly in physical and cyber intelligence domains. Consider an array of cyber, physical and executive intelligence focuses a company must address on a given week:

For security teams to have coverage of many of these threats across intelligence domains, threat intelligence as a managed service should be considered. After all, threat intelligence is a critical element of any serious security strategy, but few security teams have the expertise or resources to tackle all the threats they face.

Managed intelligence providers fill a crucial gap by combining people, process and technology to deliver threat intelligence as a service, allowing organizations to offload resource-intensive tasks to an experienced provider, including:

Unfortunately, cyber threat “intelligence” (CTI) vendors have hijacked the meaning of threat intelligence, creating confusion about its real value. While the CTI market exceeds $10 billion, it generally consists of data feeds using the broadest data lakes and AI and ML to detect known threats. While it makes sense to buy a feed to address one specific pain point, often customers want more return on their investment specific to a wider array of risks.

To properly defend and proactively mitigate risks, you need a team that understands and stays current with the intelligence lifecycle and domain expertise that addresses the organization’s risk. From cyber, to fraud, to trust and safety, to physical protection for key people, places and assets, you must find a way to detect and respond to threats in a scalable model that joins an organization’s intelligence workflows to deliver outcomes.

By Landon Winkelvoss on Wed, 26 Oct 2022 14:04:36 +0000
Original link