SecurityWeek

Business Risk Intelligence: The New Industry Standard

Intelligence in its various forms has long served as the foundation for many organizations’ cybersecurity strategies. And yet, only in recent years has the industry begun to recognize that certain types of intelligence — namely that which is relevant, actionable, and gleaned from high-value sources — can and should be applied to support not just cybersecurity teams, but all business functions across the enterprise.

Indeed, I’m talking about Business Risk Intelligence (BRI). Often considered the more strategic and cross-functional counterpart to its predecessor, cyber threat intelligence (CTI), BRI surpasses CTI’s relatively limited applications to inform decision-making, improve preparation, and mitigate a broad spectrum of cyber and physical risks. As someone who’s faced the limitations of CTI firsthand, I wanted to reflect on my experience with BRI to shed some light on why it’s quickly becoming the new industry standard.

BRI addresses overall risk

Just as its name implies, BRI focuses on addressing business risks — not just threats. To understand the difference, let’s look at a basic formula for risk:

Risk = threat × likelihood × impact

As you can see, threat is one component of risk. While most cybersecurity teams focus largely on detecting cyber threats, such an approach should really be just the beginning. Doing more than that requires assessing the likelihood that any given threat will target an organization and, if it does, what the potential impact could be. Even though countless threats exist, they’re not all relevant to all organizations. Evaluating a threat’s relevancy effectively requires visibility into the full context surrounding that threat.

The challenge is that the context surrounding many threats can be difficult to ascertain given that the nature of CTI is largely focused on detecting threats — but not much else. 

BRI’s use cases are diverse

While countless threats can and do target all business functions and assets within an organization, many organizations continue to apply CTI solely in ways that serve the functionality of its namesake. That is, they assign all CTI-related operations solely to cybersecurity teams for use in addressing cyber threats.

BRI, on the other hand, broadens the scope of intelligence beyond cyber threat detection to provide relevant context on a broad spectrum of threats facing all business functions — not just cybersecurity teams. Organizations with effective BRI programs recognize that just because a threat has originated on the Internet does not mean such a threat’s scope of influence will remain restricted to all things cyber. I’ve written previously about how BRI’s widespread versatility enables organizations to not only bolster cybersecurity but also assess M&A opportunities, enhance executive protection, and strengthen physical security, among BRI’s many other uses. 

BRI fosters cross-functional information sharing 

By addressing so many diverse use cases, BRI also fosters a critical activity that has long been tied to effective security and risk strategies: information sharing. After all, when access to and collaboration around intelligence is restricted to one or few business functions, other business functions cannot benefit from it.

For example, let’s say that the CEO of a Fortune 100 retailer will travel to Asia to attend a high-profile event. In preparation, her executive protection team researches the surrounding area, maps out evacuation routes, and constructs a team of physical security professionals. Meanwhile, an intelligence analyst on the same company’s cybersecurity team leverages a CTI-based approach to identify the culprit of a recent defacement of the company’s website.

What’s great about BRI is that it would have armed both the executive protection team and the intelligence analyst with full visibility into both cyber and physical threats. For instance, with BRI they would have more easily made the connection that the hacktivist group responsible for defacing the website was also linked to a plot to shut down the power supply of an upcoming event occurring during the CEO’s trip to Asia.

Given the mounting difficulties today’s organizations continue to face in navigating what has become a truly volatile threat landscape, BRI’s cross-functional, comprehensive approach to intelligence is now a requirement. Whether an organization has an entire department of seasoned intelligence analysts or a smaller team that needs more daily support, BRI can help them inform their decisions, gain a decision advantage over adversaries, and mitigate a broad spectrum of cyber and physical risks.
