Are cybersecurity efforts focusing too much on the “how” and not enough on the “why”? That’s the position of “Strategic Cyber Intelligence,” a report published by the nonprofit organization Intelligence and National Security Alliance, which is comprised of “current and former high-ranking intelligence, military and government agency leaders, analysts, and experts from industry and academia.”
By way of introduction, the report looks to various definitions of “cyber intelligence” to emphasize that the focus is too often improperly on the network rather than on “strategic assets such as intellectual property, trade secrets, sensitive business information, and other data that contribute to an organization’s competitive advantage[.]” This “tactical focus,” as the paper terms it, diminishes effectiveness when communicating cyber threats to public and private sector leaders.
I’ve linked the paper here for you to peruse at your leisure, but I want to leave you with an (albeit oversimplified) summary of the report’s conclusions. Essentially, the report advocates for an approach whereby various levels of cyber intelligence should be defined by each individual organization and for each particularized circumstance after careful consideration of six criteria, which focus on the profile of the consumer, the profile of the potential adversary, and intelligence collection itself.
Leave a Reply