Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Threat intelligence meets risk management for operational resilience
Cyber Security: A Peer-Reviewed Journal,
6
(2),
111-118
(2022)
Abstract
Threat intelligence, especially cyber threat intelligence, is often given limited value. Some treat it as mutually exclusive from resilience activities or decisions, while others may opine it is not valuable if it cannot be automated. In practice, applying a combination of threat data and intelligence analysis into a business risk management plan is an essential part of how cyber defence and risk management teams can effectively prioritise and focus their programmes. In order to manage cyber risks effectively, private sector companies need to branch out from intelligence-led security to intelligence-supported business resilience. This requires a holistic approach to establishing priority intelligence requirements (PIRs) and analytical products for specific stakeholders. Intelligence analysis is not created for other intelligence analysts but for those seeking to protect the company and its customers, such as risk and business continuity managers. Using the example of third-party and supply chain risks, this paper argues the merits of using advanced levels of intelligence analysis to support cyber defences, as well as risk management and operational resilience.
Keywords: cyber threat intelligence; risk intelligence; cyber security; priority intelligence requirements; governance and compliance; organisational resilience; third-party risk; supply chain risk; cyber intelligence analysis
The full article is available to subscribers to the journal.
Author's Biography
Teresa T. Walsh Teresa Walsh is FS-ISAC’s Global Head of Intelligence, based in London. Her team extends around the world, supporting FS-ISAC’s mission of addressing cyber risks and operational resilience for the financial industry. Teresa has worked for FS-ISAC for over six years, previously working for the banking industry at Citibank and JPMorgan Chase. Teresa started in the intelligence analysis profession with the US Department of Defence, working for the US Naval Criminal Investigative Service (NCIS) and later as a Booz Allen contractor for the US Army. She has 20 years’ experience in the field.
