
SecurityWeek


How to Make the Business Case for an Intelligence Program

It’s Crucial to Communicate the Benefits of an Intelligence Program in the Context of Risk


There are many challenges inherent to starting an intelligence program, but making a business case for one can be among the most difficult. A primary reason for this challenge is that the security practitioners who typically advocate for—and see the most value in—such a program are rarely the ones who control the budget. Meanwhile, budgetary stakeholders are often far removed from the tactical benefits and, in many cases, are unaware of the strategic benefits that a well-executed intelligence program can bestow upon the business.

Based on my own experiences confronting these types of challenges throughout my career, the following tips can help security teams to effectively justify the business need for, and value of, an intelligence program:

Understand the business

The often-siloed structure of security-related lines of business means that while such teams tend to be closely aligned with one another–network defense and endpoint security, for example–many operate independently from their non-security counterparts. As a result, it’s not uncommon for security teams to be uninformed about the core structures, stakeholders, and assets underpinning the business. And without fully grasping how a business operates, it is nearly impossible to define, much less demonstrate, how an intelligence program would benefit that business. 

The first step toward overcoming this challenge is engaging other lines of business. Keep in mind that assets exist throughout the business, as do key stakeholders who rely on these assets and care about protecting them. Security teams can build the trust and earn the support they need for an intelligence program by collaborating with these stakeholders, identifying, understanding, and prioritizing their assets, and then demonstrating how the program would help better protect the assets they care about most.

Overcome communication barriers

Much of the terminology that has long been adopted among commercial-sector intelligence programs hails from the public sector, where intelligence programs were developed to support national security. However, most of this terminology was never intended for a business environment, and as a result, it tends to not resonate as well with business-oriented audiences–including budgetary stakeholders with the authority to greenlight an intelligence program.


One of the largest culprits of communication barriers is the notion of risk versus threat. Because many commercial-sector security and intelligence practitioners, as I mentioned previously, rely on terminology that was initially conceived for the national security space, they tend to discuss their operations and objectives more with respect to threats than with risk. After all, governments tend to be more risk-averse due to the grave potential impacts of many of the types of threats they confront. 

Most businesses, meanwhile, perceive threats and risk differently. Since they approach risk not from a national security lens but to evaluate how a specific endeavor might grow the business, their appetite for risk is generally higher. Threats are simply seen as a factor that influences overall risk. This is why, in order to make an effective business case for an intelligence program, it’s crucial to communicate the benefits of such a program in the context of risk.

Educate 

Remember that many decision-makers are typically far removed from security-related lines of business, so they are likely unaware of all the strategic benefits to be gained from an intelligence program. Many such decision-makers may assume that an intelligence program will only support network defense or will do little more than augment existing security measures, for example. This is why it’s so important to educate and share use cases that illustrate how the right intelligence can support not just network defense teams but also fraud, physical security, M&A, insider threat, supply chain, and brand reputation teams, among others. 

Making a business case for an intelligence program, as I’ve mentioned, can be a complex challenge. Although following the guidance outlined above can help security practitioners overcome this challenge more effectively, these suggestions should serve purely as a starting point. Just as the most successful intelligence programs are tailored to the unique needs and objectives of a business and its stakeholders, the business case for such a program should also reflect these needs and objectives in a manner that is relevant, informative, and consumable for its target audience.
