Everywhere you turn in the world of business, you encounter business intelligence. It is a concept that is being used haphazardly and that is at a serious risk of turning into just another business-related buzzword.
And it is a concept that does not deserve such a fate. It is a concept which has been changing the world of business for a while now, albeit under different monikers and with different approaches and tools. Today, the term business intelligence is used as an umbrella term for data which is collected, stored, analyzed and used to make business decisions. The term also includes all of the actions and processes used in collecting, storing, analyzing and using business-relevant data.
Where Does IT Come In?
Before we can start talking about the concept of cyber business intelligence, we need to understand where IT factors in when BI is in question. Well, it is an integral part of it. In most companies, it is the IT department that is first tasked with collecting data and analyzing it. This is perfectly natural. Later, companies usually create a BI department all of its own, but the IT people are still very much involved.
If nothing else, CIO is always very aware of what is happening on the BI front within any given large company. Considering that CIOs are usually also the persons cyber security teams and people report to, it is no wonder that cybersecurity and business intelligence have a lot to do with one another.
In fact, they have to do much more with one another than most people would imagine.
Why Cyber Security Intelligence
Some people might wonder why anyone would be interested in having cybersecurity business intelligence thrive within a company. In reality, this is something that will benefit everyone involved.
For managers and owners, cybersecurity business intelligence will present the issue of infosec in a factual way which will give them a clear picture of what needs to be done to secure the company. This will also allow them to be more accurate and precise in coming up with a cybersecurity budget.
For CIOs and cybersecurity professionals, this would give them much-needed ammo when meeting with the business decisions makers. By presenting cold, hard data, it is all but impossible for managers and owners to ignore the warnings issued without coming across as careless. This can also help cybersecurity professionals get the resources needed to provide proper protection for the company.
The biggest benefactor, however, will be the company itself, together with its employees and customers who will be better protected.
Where is the Data?
In order for cybersecurity professionals, teams and departments to contribute to a company’s business intelligence, they need to bring something to the table. In other words, they need to collect and present the data that will then be used by the business-decision makers to allocate funds to cybersecurity and make actions that will bolster the company’s defenses.
Cybersecurity professionals already have plenty of data within their reach anyway. Endless firewall logs, policy exceptions, IDS events that are recorded on a regular basis, etc. In combination with worldwide and/or industry trends, as well as websites that allow advanced tracking options, this can amount to seriously useful data sets that would have every right to be considered cybersecurity business intelligence.
Of course, organizing all this data into something that can be analyzed can be a serious undertaking, but no one said this would be a walk in the park. This process needs to involve at least a few basic processes.
The first of these is assigning value to various types of data and allocating an appropriate amount of time and attention to the most important ones. Another process would be a proper way of storing all this data and making sure it is organized in a way that makes logical sense. The cybersecurity team would then analyze this data according to priority status and recommend certain actions depending on their analysis.
Another source of data would be the data the company already collects. This will, most likely, involve an abundance of data which may seem unmanageable at first, but which can be analyzed quite successfully with various business intelligence tools. Some BI companies, like Panorama for instance, have also started involving dark data analysis in their BI tools, data that will often involve records of attempted attacks and various cybersecurity trends among all the endless data.
Making an Impact
The collection and organization of all this data is only the first step in the cybersecurity business intelligence practice which will also have to involve convincing decision-makers to act on it.
The good thing is that with the backup of this data and with the undeniable numbers presented, they will have no choice but to act and start taking cybersecurity at least somewhat more seriously.
We all know how important this is.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.