As we head into RSA Conference in San Francisco, I’ve spent time thinking about the various approaches to cyber threat intelligence (CTI) and how they do or do not actually help organizations mitigate risk.
I’ve previously touched on the limitations of open web intelligence and the scale and skill it takes to build a real, human-powered team that can produce Business Risk Intelligence (BRI). But confusion around automated intelligence is currently creating the most challenges for the organizations that come to us after they’ve learned that data they thought was automated intelligence didn’t really deliver any meaningful ability to meet their intelligence requirements.
“You use automation to cut through the easily identified and mundane things, so that you can apply humans to the really hard tasks,” said Jason Brvenik, CTO, at NSS Labs.
At Flashpoint, we certainly rely on automation; our tooling is expertly guided by human beings with deep subject matter knowledge, enabling us to deliver high-value data to our analyst team so they can produce rapid, relevant intelligence for our customers.
But automated feeds of intelligence in and of themselves, without expert human analysis, cannot help mitigate risk unless you already know what you’re looking for. And then, it’s simply not intelligence. Automated intelligence can only answer questions customers know to ask.
In contrast, BRI’s effectiveness lies in its ability to translate data to the specific needs of a customer. Our analyst team delivers BRI in a way that gives every customer a tailored experience that maps intelligence to their requirements.
As seen in our recent Aflac case study:
“Flashpoint, a ‘full-service’ program, doesn’t just offer data; it gathers the data and then turns it into finished intelligence that provides actionable insights on everything from actor personas and relevant threats to broader, macro trends pertaining to fraud and identity theft. Such intelligence is invaluable because it enables us to enhance our overall security program at the strategic, operational and tactical levels… And with so much coverage, the analysts are fantastic at cutting through all the noise to decipher.”
We work hard to understand the intelligence requirements of our customers, regardless of their sophistication, and act on their behalf to produce BRI that helps mitigate the risks of today and prepares them for how those risks might change in the future. Automated collection is always based on yesterday’s priorities.
BRI aims to be flexible by leveraging technology, data, and people to make customers aware of risks they might not yet have considered or understand risks they’re aware of already with greater context and clarity. Combining advanced human expertise and machine scale to produce BRI is the best way to find a path through an uncertain threat environment that demands forward thinking, adaptability, and full context.