Doing Security Without Direction? Set a Laser-Focused Strategy with a Threat Profile
It’s a common problem: Security Programs are driven by compliance requirements, which leads to a broad, thin layer of security that kind of protects a little bit against everything. They’re not focused on protecting against the threats that would actually have a big impact and a significant likelihood of occuring. I meet a lot of CISOs in my work, and they often complain about a lack of direction, of focus on the things that really matter.
That’s why you need a Threat Profile.
A Threat Profile essentially looks at the type of organization you are, the sector you’re part of, the geography you’re in, and takes into account WHAT you are trying to protect (your assets), what you are protecting it WITH (your controls), and what you are protecting it AGAINST (the threats). That results in a Venn diagram that’s unique for every organization.
The purpose of that document should be to allow the CISO to make two distinct decisions. The first one is to determine what the strategic threats are that they want the security organization to prioritize. Examples include ransomware, or payment card fraud (relevant for financial institutions and online retailers), or perhaps cyber espionage from certain geographies.
The second decision should be which teams are going to be the priority stakeholders of the Threat Intelligence team.
With those decisions made, the Threat Intelligence Analysts now know what they are focussing on (the type of threat) and who should receive what kind of information. This, in turn allows them to fill in all the blanks in between: which data-sources to procure or collect, what tools to integrate, which skills to train or hire for. With that in place, they are well positioned to provide strategic and operational guidance to both yourself as a CISO, and your Information Security teams. This allows you to set an informed (and defendable, if things go wrong) security strategy on the things that actually matter.
A Threat Profile allows for strategic direction for the entire security function, and a laser-focus for the Intelligence Team. It will make them more productive, efficient, effective and measurable, which in turn makes the entire organization safer from cyber threats. In fact, this has much to do with why I built Liberty91. Our industry’s experts value a tool that spells out clearly when something relevant to you might happen, and when, and what you should do about it. In real-time.