MG Strategy+ Security Intelligence Reading and References – MGS+ Report
Reading and References
Competitive Intelligence – CI For Beginners Part 1: Insight Work “Intelligence is a set of internal activities to help understand and influence corporate strategy, deals, competitors, markets, and customers.” It is much easier to answer what intelligence work DOES — it provides a 360-degree view of the past, present, and potential futures for a particular set of problems. The typical definition says something like “Competitive Intelligence is the art of turning ethically-collected data into actionable insights and strategies”. However, I think this definition is a bit too theoretical — it lacks practicality and application…..
Competitive Intelligence – CI For Beginners Part 2: Engaging the Process How do we take this academic model of intelligence, and put it to work? …Each path you decide to take will come with its own learning curve and challenges, but ultimately, your outcome is 100% yours to create. That said, lots of people say “I do competitive intelligence!” and act like it exists in a silo. If we are brutally, completely honest, you will have absolutely zero understanding of the competitors if you don’t also understand your market and industries, your clients/customers and other sociological, economic, and political forces at play….
Threat Intelligence, Information, and Data: What Is the Difference? Key Takeaways There’s a huge difference between threat data, information, and intelligence, and understanding the difference is essential to getting the most out of your threat intelligence platform. As we progress from data to information to intelligence, the volume of outputs reduces while the value of those outputs increases. Threat intelligence platforms produce data and information, which human analysts can use to produce actionable threat intelligence. A computer can never produce threat intelligence, but humans are unsuited to the task of collecting and processing huge volumes of threat data. Action must always be the end goal. Threat intelligence is useless unless it can be used to improve cyber security.
This service is specifically designed to deliver well defined deliverables into critical intelligence demands of our client. These critical intelligence demands are across Technology Information Data Positioning Planning and Execution.
Client Intelligence Technology Information Data
client understanding of Intelligence Technology and Intelligence Information and Intelligence Data
client leverage of technology to process information relating to aspects of their operational environments
client use of information to contribute to their decision-making process; provide reasoned insight into future environments; increase information utility
Client Intelligence Positioning
client capability in anticipation and prediction of future environments and better defining differences in available courses of action
client depth of quantitative analysis and qualitative judgment and competing interpretation
client continuous examination of their intelligence needs
client definitions of goals, frameworks, quantifiable outputs and objectives
MGS+ Security Data Services – Intelligence: Technology Information and Data
Technology enables access to, in near-real-time, very large amounts of information relating to aspects of the operational environment (OE) Information is of greatest value when it contributes to the decision-making process by providing reasoned insight into future conditions or situations. Raw data by itself has relatively limited utility. However, when data is collected and processed into an intelligible form, it becomes information and gains greater utility.
MGS+ Security Data Services – Intelligence Planning
Intelligence Planning (IP) occurs continuously while intelligence collection and production plans are updated as a result of previous requirements being satisfied and new requirements being identified.
A conceptual model of the intelligence process
Planning and Direction. Definition: Planning and Direction.
In intelligence usage, the determination of intelligence requirements, development of appropriate intelligence architecture, preparation of a collection plan, issuance of orders and requests to information collection agencies.
IP and direction is best understood as the development of intelligence plans and the continuous management of their execution. Planning and direction activities include, but are not limited to:
the identification and prioritization of intelligence requirements;
the development of concepts of intelligence operations and architectures required to support the action or task;
tasking subordinate intelligence elements for the collection of information or the production of finished intelligence;
submitting requests for additional capabilities to higher review;
and submitting requests for collection, exploitation, or all-source production support to external, supporting intelligence entities.
MGS+ Threat Intelligence as a Critical Organizational Need
The critical need for an evidence based, automated, holistic approach of the threat landscape.
These are challenging times for security managers, with corporate boards demanding awareness of cyber risks, faster processing of progressively complex data and efficient managed services for an increasing number of intelligent devices than ever before.
Ultimately security teams are in a better position of strength to defend their organizations against threats if they know what is coming in their direction; tools and staff are vital but should be augmented with intelligence.
Threat Intelligence is no longer for the large, well-funded organizations, but is required to be an overall component of mitigation strategies for all businesses that operate within this evolving technological environment; the economies of scale and adaptability of solutions now allows small businesses to be able to access credible threat intelligence sources that can be based on an organizations profile and supply chain.
Critical data that used to be in a secured datacenter now moves across an increasingly complex ecosystem of networked environments, including IIoT, IoT, cloud servers, virtualized environments and mobile devices.
The rate of change in some enterprise environments is so rapid that many organizations are struggling to keep pace with the evolving nature of cyber threats or being able to ascertain knowledge of what arises daily.
To build an effective cyber security strategy, awareness of specific cyber threats needs to occur as well as an analysis of how those threats affects the organization.
Threat Intelligence provides context, indicators, increased awareness and actionable responses about current or emerging threats that aid in decision making at an operational, tactical or strategic level.
Cyber adversaries are increasingly using sophisticated tools, techniques and procedures that are evading stand-alone security solutions with multiyear campaigns that target valuable and sensitive information.
Organizations need an evidence based, holistic view of the threat landscape with a proactive security posture to defend organizations from a wide array of threat – A Threat Intelligence led cyber security program.