What the C-Suite Needs to Know About Cyber Intelligence
We live in an increasingly networked world where the successful function of our nation's critical infrastructure depends upon a reliable and secure cyber domain. That network, unfortunately, is under assault. Any organization connected to the internet is vulnerable to cyber-attacks and liability for data breaches that affect customers leads directly to the C-suite …after destroying the careers of the CIO and CISO.
Key industries such as finance, communications, manufacturing and energy—and the industrial control systems that operate them efficiently—are the targets of daily cyber-attacks and espionage from nation-states, non-state actors and insider threats that have exposed dangerous vulnerabilities with potentially devastating impact on our nation's security. These vulnerabilities require that industry, government, and academia work together to create better solutions, policies, and legislation to secure the cyber domain.
Any organization connected to the internet is vulnerable to cyber-attacks and liability for data breaches that affect customers leads directly to the C-suite
Cyber Security is comprised of hardware, software, processes, and human beings. Most Cyber Security infrastructures represent years of appending, amending, and altering the original configuration. However, they remain immature due to limitations based on budget restrictions and management decisions made by executives that have not yet been properly informed.
The executive must be afforded a global view of what the threats are and how to plan strategically to mitigate threats coming to, or already within, their organizations. Executives also need an overview, so they will personally know how strong their company’s cyber defenses are, as well as the expected responses for attacks or breaches.
Educating the C-Level, and upper management, begins the path to Cyber Intelligence.
WHAT IS CYBER INTELLIGENCE?
Simply stated, "cyber intelligence" is the comprehensive assessment of an adversary's capabilities, intentions, activities and the use of intelligence and counterintelligence processes and information that relate to cyberspace. Properly applied, cyber intelligence enables organizations to become better informed about the types of attacks they may encounter. The intentions and motivations of adversaries can be assessed to create a holistic cyber threat profile. This crucial threat understanding allows organizations to develop counterintelligence and security measures to defend against these attacks.
There has been an urgent wake-up call to executives that cybersecurity and therefore cyber intelligence needs to be taken seriously throughout the organization. The potential losses are significant. Cyber Intelligence is often used as the foundation for the Information Systems Strategic Plan (ISSP) and may also be used to govern what class of hardware and software are brought into the organization. Organizations often inherit architectures that were geared for performance and never well thought out or defined for Cyber Security, or perhaps have just been neglected over a period of years.
The graphic below shows the amount of time that an intruder dwells on a network before it is discovered to be present. This is more than three months. How much damage could you do in three months? How much damage could an entire team do?
From Mandiant Investigation into targeted attack activity conducted between Oct 1, 2016 and Sep 30, 2017
Cyber Intelligence will increase valuable understanding of the constantly evolving threatscape for everyone from C-Level executives to on-the-ground operators. Businesses and nations are more dependent on cyber communications and commerce today than ever before, and hence on cyber security. Cyber Intelligence is the next step, after Cyber security, and is fundamental to corporate and national security. Cyber Intelligence blends basic technical and operational knowledge of the cyber domain with classic intelligence tradecraft in data collection and analysis, counter intelligence, active defense, policy creation and risk assessment. Cyber Intelligence will enable business and government professionals bring all of these activities together and therefore to become better informed and therefore make their organizations more secure.
The cyber domain is unique in the intelligence cycle and in the world. Cyber is comprised of different characteristics than that of space, air, land and sea. Because cyber information is transmitted instantaneously, it may affect components of the intelligence cycle (collection, analysis, dissemination, etc.) simultaneously rather than sequentially. Since Cyber information is transmitted instantaneously, organizations must already be prepared to prevent or respond to Cyber attacks. Cyber Intelligence successes come from learning about underlying trends, forces and assumptions – education is as key as connecting dots and predicting the future.