Showing ROI from threat information - TechCrunch
Information is a threat has been involved in private sector cyber security processes for nearly a decade now. Initially many threat intelligence teams were made up of classically trained intellectuals from the public sector, where they focused on collecting data to thwart national security threats. And as these teams grew and evolved to protect against user data breaches and service interruptions, the growing pains associated with work in a physical environment.
Expectations are changing, however. Security operations are evolving, and as threats continue to grow, enterprises have invested heavily in security infrastructure. C-suites and boards are increasingly involved in security decisions, and studies show that they are doubling down on security investments, which are expected to rise to $ 458.9 billion in 2025 from $ 262.4 billion in 2022.
But with more investment comes scrutiny and stiff competition for dollars across IT and security teams. However, for threatening intelligence teams, old habits seem to die hard. Many remain in the mind of the government, aiming to send funnel data to the security activity center (SOC) and have little experience in extending threat information to other parts of the industry, communicating the resulting value and justify the required investment.
By delivering treated threat information to more teams that need it, enabled by two-way integration, CISOs and their team will allow threat information to be verified far from a cost center.
After nearly a decade of threatening information going physical, a countdown comes. It's time for CISOs and intel threat teams to start working together and prove that threat information is not a cost center, but a value driver across all security operations.
As Intel's threat teams mature, here are three tips to help create a mindset and show the full value it provides.