So let's go back, - what if we said to the board: "I don't know."
Is that OK?
In security, we are scrutinized by our peers due to the challenging and competitive nature of our field. We don't get to be OK with not knowing anymore, especially when put in a leadership position of such responsibility.
What happens instead is that we are too quick on the draw with providing answers, and the incentive and the agenda for that answer is only to placate or please the requests from on high, thus keeping us in a tactically reactive state which detriments us in our field, as well stunting our capabilities as a potentially strategic leader.
We're wired for speed in security. You suggest that leads to mistakes - especially in the emerging field of intelligence. How so?
This need to solve the problem yesterday and placate to the demand has also been the reason why many tend to walk all over organizations during the sales process. A question remains: Isn't it time organizations that are tasked to defend themselves demand better from industry providers, instead of just buying and accepting what is sold and told to them, and time after time finding out it's not actually working the following year ? What happened to solving the actual problems, by asking yourself what are we solving? How do we solve it? And WHAT DO WE NOT KNOW?
Being pushed by the provider community is due to this over perfection in the first place and our allowing of constant panic because nobody says: NO! Let's stop for a sec, what don't we know?
But let's talk about intelligence:
Note the entire process is encompassed around Evaluation and Feedback - two of the most commonly ignored or skipped over processes of intelligence in our InfoSec community.
The drive for fast-paced answers in intelligence and companies having to service them dilute the understanding of what real intelligence is. Right now, most people are getting information. Without the analysis and production, we only have information. Threat feeds are just information, not intelligence.
Intelligence includes the bi-directional relationships you're involved with.
The back channeling of vital information in the traditional intelligence sense during WWII was based around the relationships that were built over long periods of time. It isn't a race. I know that content is king, and data is the new bacon. But it's not always instant, or big data, it's smart data. Intelligent data that allows you to make a decision quickly. I would rather have slower delivered intelligence with high quality to allow me to understand everything about the decision I need to make.
Sign up for Computerworld eNewsletters.