Has Your Security Intelligence Education Prepared You for the Tests to Come?
The case for breaking down silos and taking an interdisciplinary approach to intelligence
In 1983, Dr. Howard Gardner, a well-known psychologist and professor at Harvard, developed his theory of multiple intelligences. Gardner argued that the traditional notion of intelligence was too limited and encouraged educators to take a more interdisciplinary approach to designing their instruction.
Turns out that this theory can also be applied to the “intelligence” label used in the security industry. While some are inclined to see intelligence as part of a single discipline—regarding it as an analyst’s specialization or an executive’s “elective”—intelligence is used to transform decision-making for the entire business.
As such, it doesn’t fall under the purview of one subject but should be part of a interdisciplinary curriculum. However, the intelligence label has been siloed, said Flashpoint CEO Josh Lefkowitz. In security, it is often technical- and indicator-based, largely accessible only to those who think in 1s and 0s.
Most often, intelligence is used to refer to things such as indicators of compromise (IOCs) or malicious IP addresses. While those are important components of an intelligence program, they are insufficient. Intelligence has evolved to be a blend of the tactical and strategic.
Those organizations that continue to operate their cybersecurity team in a silo likely are finding they are not having the impact that intelligence programs can—and should—have. Enterprises that have the most successful intelligence programs use it as a catalyst and an enabler for making better decisions, Lefkowitz said. “They have the ability to translate the work that cybersecurity teams are doing on a day-to-day basis and elevate the discussion.”
Taking the Intelligence Test
How do you know if your organization is using intelligence to enable business stakeholders to make better decisions? Take the interdisciplinary intelligence test to see if you’re making the grade across all of these disciplines.
English: Are you speaking the language of business stakeholders, or is there a disconnect? Are decision-makers not able the understand the relevance, applicability and actionability of what their colleagues are providing? Does the terminology you use go so far into the weeds of technical data that you actually lose the headlines around business risk? Are you communicating in a way that resonates from the lens of the business stakeholder to drive decision-making?
History: Do you have context, or are you lacking in attaching sufficient context around the data? Passing the history grade means that you have full context of the threat, the actors and the geopolitical trends so that you understand the who, what, when, where, why and how of the situation you are assessing.
Math: Business stakeholders want to be able to calculate risk to specific business activities and the business overall, but it’s not always feasible to quantify risk. Are you able to see risk on a spectrum with colors of nuance in between milestones? If everything is a risk with no filter to help you prioritize, you can’t make better decisions.
Science: Technology is not the magic bullet to mitigating risk. Are you able to strike the right balance of technology and human analysis? It’s imperative to have humans in the loop, which means that subject matter experts (SMEs) are able to speak a broader language. Then, pair the SMEs with software developers and others.
What Does Intersecting Intelligences Look Like?
Undoubtedly, you will use tools and technology but you also have to have highly experienced people who have the linguistic, logical and interpersonal skills to engage with the technology and business stakeholders.
In her 2016 article in Forbes Magazine, Christina Wallace wrote, “Whether you’re trying to create something new inside an existing organization or tackle it from the ground-up on your own, the ability to associate directly translates to an ability to find diagonal solutions to your most challenging problems.”
That’s what an interdisciplinary approach to intelligence looks like—effective problem-solving, which begins with identifying your business priorities. Lefkowitz said, “If you don’t know priorities, it’s hard to develop metrics and budgets. That’s a process that starts with knowing risk and prioritizing risk using priority intelligence requirements (PIR).”
Making intelligence part of the required interdisciplinary curriculum for your organization will help to break down silos and enable a more successful whole business approach to using intelligence in today’s threat landscape.
