Achieving Intelligence-Driven Information Security
The report from the Security for Business Innovation Council (SBIC) provides both business and technology executives with specific recommendations on how to develop an intelligence-driven approach to counter advanced threats.
In addition to providing categories of cyber-risk data and examples of information-sharing initatives, the SBIC report also lays out a six-step roadmap to achieving intelligence-driven information security:
Step 1: Start with the Basics
Inventory strategic assets, strengthen incident-response processes and perform comprehensive risk assessments.
Step 2. Make the Case
Communicate the benefits of an intelligence-driven security program to executive management and key stakeholders. Identifying “quick wins” to prove value out of the gate is essential for gaining broad organizational support, including funding.
Step 3. Find the Right People
Look for professionals who can blend technical security acumen with analytical thinking and relationship-building skills.
Step 4. Build Sources
Determine what data from external or internal sources would help detect, predict or lessen the chances for a targeted attack; evaluate sources on an ongoing basis.
Step 5: Define a Process
Codify a standardized methodology to produce actionable intelligence, ensure an appropriate and timely response and develop attack countermeasures.
Step 6: Implement Automation
Find opportunities to automate the analysis and management of large volumes of data from multiple sources.