When it comes to business or information intelligence, focus on the intelligence piece of it.
Alyssa believes that when talking about business intelligence or information intelligence, the idea of ‘intelligence’ is most important. However, it’s often underappreciated. “When we say ‘threat intelligence’ or ‘information intelligence,’ I think the key factor that we miss most often is the ‘intelligence’ part of it. We get a ton of data. And we look at it, and we give it to a bunch of people and say, ‘Here, go through this.’ But intelligence comes in. And how do we apply that?”
Great information is nothing without intelligence.
Companies may have important information about their security and the processes within their organization, but it is irrelevant unless intelligence is applied to it. “You may have great information, but it doesn’t mean anything if you can’t make that jump from what is important to the CEO, CFO, or the COO because this is what regulators or shareholders are asking you to know about. Connect to that. And that’s how you start to create intelligence in your threat intelligence program.”
Stop trying to paint rosy pictures where they don’t exist.
Alyssa is a firm believer that businesses should know the truth about their cybersecurity, whether it’s good or bad. “Another thing we need to be, in cybersecurity, is honest. Stop trying to paint rosy pictures where they don’t exist, but also, paint a good picture when it does exist.”