In conversations with IT Security across industries and organizatons, we are seeing indications of a growing need - IT Security in enterprises want to extend their eyes and ears to threats beyond the confines of their networks. This is evident from an interview with Darryl Cox, Director - Audit & Control, QTS (Quality Technical Services), that we conducted recently (2:18 in the video):
We've been hearing more and more from enterprises about a desire to be able to see beyond the boundaries of their network and organizations and identify and prepare for threats before they have an opportunity to strike. This seems to be the natural response to how the threat landscape is changing. Organizations are seeing greater sophistication in and increased risk from very select threat actors who may be targeting their specific organization and want to get visibility and intelligence into those actors before they strike.
This reminds me of the progression of Business Intelligence in the enterprise. Though organizations have been performing competitive analysis for ages, the interest in Business Intelligence both from an information collection and computational analysis perspective took competitive analysis to a new level in the last decade. We very well may be seeing a similar trend developing in IT Security. The good news is that IT Security staff are finding open forums for discussion, sharing insights with peers, utilizing publicly available information and in cases, obtaining intelligence on threats from third party sources.
As the threat landscape continues to evolve, it will be fascinating to see how this potential trend develops further.