Monday, 26 March 2012 08:33

Clients Reveal the Meaning and Value of Security Intelligence

We’ve written extensively in this blog about what Security Intelligence means in concept and practice.  As a new solution category, it benefits from wide discussion and exploration.  My colleague Chris Poulin recently shared Security Intelligence insights from a client and partner panel he moderated at IBM Pulse 2012, where Security Intelligence was a pervasive theme.  In this post, I’ll share a few more data points I picked up from clients at Pulse who discussed what Security Intelligence means and the business value they’re obtaining from it.

One panel discussion included the information security executive of a major media company, the global head of IT security at a global manufacturer, and IBM’s own Vice President of IT Risk, Kris Lovejoy.

The opening question – “What is Security Intelligence?” – elicited some interesting views:

  • The ability to learn something germane and relevant at the time you need to make a decision.  (Media co. exec)
  • It’s less about the technology and more about the destination.  Understanding the different threats, instrumenting our architecture in a way that is consumable and actionable.  (Lovejoy)

And my personal favorite:

  • Knowing what the hell is going on!  (Manufacturing co. exec)

The last comment really speaks to the pain experienced by security, risk and IT executives who are wrestling with an explosion of threats, limited visibility and information silos that are tough to bridge.  (Not to mention fixed/shrinking budgets.)  Who doesn’t worry about what’s taking place out of sight in their organization?

Kris Lovejoy also shared a deeper insight about the impact of Security Intelligence:

Viewing Security Intelligence as a destination brings along a new way of thinking.  Security Intelligence can be an effective marketing tool internally.  You start to think about security differently and strategically.

This is powerful.  Security Intelligence is not just a set of technologies, processes, or even the insights resulting from them.  It’s also an approach – one focused on up-leveling the security and compliance conversation, focusing on end goals (especially stretch goals), and delivering greater value to both IT and the Line of Business.

An answer to the next question – “How do you justify security investments?” – also emphasized the need to tie security and risk initiatives back to business value:

Focus on business outcomes that are made possible through the investments.  (Manufacturing co. exec)

In other words, what supply chain initiatives are you enabling through careful security controls?  What cloud services are you making possible through policies, controls and monitoring?  And ideally, are you leveraging your security investments to gain tangible insights that drive revenue opportunities?

One client who presented at Pulse is doing just that, leveraging his Security Intelligence solution to gain Business Intelligence.  This security executive from a financial services firm is using Security Intelligence not only to detect fraud (as Chris Poulin describes), but also to pinpoint commercial customers whose business has started to decline.  Because his Security Intelligence solution is easily customizable, he uses it to identify falling sales volumes as easily as fast-rising ones.  They feed this information in real time to their Sales team, who reach out to those customers and can often reverse the negative trend, making a meaningful impact on the company’s bottom line.

In fact, the business insights produced by the Security Intelligence solution are so valuable that this company’s executive team specifically praised the IT Security organization’s work during one of the company’s recent earnings conference calls.  Imagine becoming a hero to your CEO.

Last, I wanted to share the panelists’ perspectives on where the IT security and risk field is headed.  In response to the question “What will be different about security in five years?”, they shared the following:

  • We won’t need so much audit preparation effort.  The information will just be there, accessible. (Media co. exec)
  • The bulk of the organization will focus on risk management and business processes, not compliance.  (Lovejoy)

Again, note the themes of information visibility and better connecting IT Security with the Line of Business.

To sum up what I heard from clients at Pulse:  Security and risk executives are pursuing Security Intelligence initiatives to raise enterprise-wide visibility, gain actionable and tailored information, and transform security and risk management from a tactical pursuit to a strategic initiative driving bottom-line business value.

For help with your own Security Intelligence journey, be sure to check out this comprehensive Resource Center.