By Gala Riani
Gathering intelligence has always been a key tool for organisational decision making – understanding the external operating environment is the ‘101’ for business. How can you grasp the challenges and opportunities for your company without a deep understanding of all the contributing factors that make the company tick?
Related: We’re in the golden age of cyber espionage
Intelligence is required to support the evolving needs of business, providing information for decision makers throughout the company lifecycle – everything from entering and exiting markets to managing mature operations. At any point the external environment can throw a curve ball – new government regulations, changes in political and social dynamics, or trends in sustainability to name a few.
In our recent report Intelligent Business: 2022 Strategic Intelligence Report we asked 205 creators and consumers of intelligence within large organizations (i.e. with a turnover of over USD 250 million) about the importance of intelligence to their company. 65 percent said that strategic intelligence had grown in importance over the past five years.
And why? The top reason, chosen from a proved list of ten, was ‘increased cyber security risks’, followed by the related concern, ‘new and/or increased data privacy regulations’. Cyber security keeps the C-suite up at night and perhaps that’s no surprise.
Cyber in a silo?
Cyber attacks are crippling incidents that hurt immediately – by halting business, and continue to hurt into the longer term – by hitting company reputation. This concern isn’t new, there is wide understanding that when it comes to cyber incidents, it is about ‘when’ not ‘if’, and all large companies will have cyber strategies in place.
However, in our research, Investing in Cyber Resilience (2021) we found that only 49 percent of companies have a fully implemented and rolled out cyber security strategy, indicating pervasive barriers to cyber strategy adoption. And who is creating and driving the cyber strategy? In traditional, siloed, organizational structures, collaboration between cyber functions and the rest of the business can be inhibited and an uphill struggle for wide understanding and adoption of cyber security.
Our research found that a key component in lifting these silos and gaining broader implementation was engagement at the very top. When organizations cite their board-level engagement in cyber strategy as ‘highly proactive’ then the implementation rates are significantly higher too.
Context of risk
Cyber security should also be viewed in a wider business context. The technical side of protecting a company from cyberattack is important, but taking a step back and considering the who and the why can add shape to one’s security strategy. And this is where strategic intelligence feeds into the cyber security puzzle.
The Ukraine-Russia war is a grim example of geopolitical risk intersecting with cyber security risk. In the months before the invasions, all the signs of imminent military action began to emerge, these red flags combined with Russia’s reputation as a leader in cyber threat activity should all raise the alert level for any companies exposed to Russian markets.
How would nation state actors respond to the war? Would this conflict spill into cyber space and what could that look like? In this context, geopolitical threat intelligence is a critical piece in understanding and planning for cyber security.
Risk, including cyber risk, cannot be viewed in isolation. The CEOs and senior leaders charged with navigating companies through the interdependencies need relevant, timely and actionable insights – the strategic intelligence that will complete the puzzle and support decision making.
About the essayist: Gala Riani is the head of strategic intelligence at S-RM a global intelligence and cyber security consultancy. Riani has experience as political advisor to Kurdistan Regional Government (KRG) and as the director on the Global Risk Analysis at Control Risks. She has a BA from the University of Cambridge and an MSc from the London School of Economics.
