Financial Discipline and Survival

 
The Great Recession demonstrated the importance of financial discipline to help ensure businesses remained profitable and continued to grow – even when faced with economic uncertainty. Managed Services Providers (MSP) were vital to helping businesses stay on track.

When prosperity returned, the MSP’s role evolved as their clients needed help accelerating digital transformation and combating escalating and increasingly sophisticated cyber threats.

Today’s Security teams hunger for capabilities that can help avert a crisis. When it comes to threat intelligence, they are being poorly served by cyber threat feeds and platforms that require complex integrations and overwhelm analysts with too many alerts. This noise causes them to miss critical indicators of risk.

Lessons from the Great Recession (2008-2010) through the 2010s

 
As the world enters a time of economic downturn and geopolitical turmoil, businesses are faced with difficult decisions. Costs are increasing, security teams are overwhelmed, and the threat landscape is more ominous than ever. The stakes are high. But this isn’t new and we can learn from the past.

Driven by failures in the housing sector, the economy officially entered a recession in December 2007. Although modest at first, the rate of economic decline accelerated quickly in the Fall of 2008:
 

• U.S. gross domestic product fell by 4.3%, the biggest drop since WWII
• The unemployment rate more than doubled, from less than 5% to 10%

 
The recession lasted 18+ months, longer than any previous recession. For businesses, few were immune to the impact. Sales and profits declined for almost all industries and businesses had to make tough decisions to cut budgets and trim resources.

People’s lives increasingly moved online. Social media adoption and influence increased, eCommerce began to dominate retail, streaming media became prevalent, and internet-enabled IoT devices delivered increased convenience. This transition to a connected world moved cybersecurity to the forefront.

“[The 2010s]…were the decade in which the last of our comfortable illusions of a free (libre), stable, and peaceful cyberspace were shattered…” according to Professor JD Work, the Bren Chair for Cyber Conflict and Security at Marine Corps University. (See source 2 in appendix)

Before the 2010s, cybersecurity responsibilities were almost exclusively the concern of the IT team. Short of a catastrophe, it rarely got a second thought from executive leadership, let alone the board of directors. That’s because, before 2010, cyber-attacks were typically limited in scope and minor in impact. The 2010s changed all that.

After years of ignoring the warning signs, high-profile data breaches and complex cyber weapons became common. By the end of the decade, the world could no longer ignore the onslaught of breaches, ransomware, and digital fraud we all faced and finally began to recognize the broader impact of cybersecurity on public safety and confidence, as well as national and economic security. (See source 3 in appendix)

Now, cybersecurity is top of mind for the C-suite and is a common topic of discussion with the board as businesses strive to avoid becoming the next victim of a headline-grabbing breach.

People’s lives increasingly moved online. Social media adoption and influence increased, eCommerce began to dominate retail, streaming media became prevalent, and internet-enabled IoT devices delivered increased convenience. This transition to a connected world moved cybersecurity to the forefront.

“[The 2010s]…were the decade in which the last of our comfortable illusions of a free (libre), stable, and peaceful cyberspace were shattered…” according to Professor JD Work, the Bren Chair for Cyber Conflict and Security at Marine Corps University. (See source 2 in appendix)

Before the 2010s, cybersecurity responsibilities were almost exclusively the concern of the IT team. Short of a catastrophe, it rarely got a second thought from executive leadership, let alone the board of directors. That’s because, before 2010, cyber-attacks were typically limited in scope and minor in impact. The 2010s changed all that.

After years of ignoring the warning signs, high-profile data breaches and complex cyber weapons became common. By the end of the decade, the world could no longer ignore the onslaught of breaches, ransomware, and digital fraud we all faced and finally began to recognize the broader impact of cybersecurity on public safety and confidence, as well as national and economic security. (See source 3 in appendix)

Now, cybersecurity is top of mind for the C-suite and is a common topic of discussion with the board as businesses strive to avoid becoming the next victim of a headline-grabbing breach.

Recognizing Recession: Economic Turmoil is Here

 
While there is no universally accepted definition of a recession, after two consecutive quarters of negative gross domestic product (GDP), economies are generally considered to be in one. It is a dubious mark achieved by the United States in the first half of 2022.

Costs are up dramatically with the Bureau of Labor Statistics reporting that the consumer price index (CPI) skyrocketed 9.1% yearly, a rise not seen in four decades.

Similarly, the Personal Consumption Expenditures (PCE) price index, was up over 5% and yields on 2-year U.S. Treasury notes jumped above the yields on 10-year Treasury notes resulting in the deepest yield curve inversion since 2007.

While there is some room for optimism (the U.S. economy is adding jobs and the unemployment rate is low), the bulk of economic indicators suggest business leaders would be wise to operate as if we are actively in recession.

Even blue-chip companies aren’t immune to the economic downturn, although large companies tend to have more means to offset declining revenues and earnings.

To stay viable, companies have begun reducing hiring or imposing hiring freezes. Many will be forced to suspend pay increases and execute layoffs.

Escalation of Cyber-Physical Risks Factors

 
Today, enterprise security teams grapple with a multitude of physical threats that risk business continuity, including:
 

• Threats against the employees, C-suite, the board, or their families
• Threats against assets, infrastructure, and locations
• Threats against reputation
• Threats involving protests and disinformation

The Growing Importance of Threat Intelligence

 
Threat intelligence refers to knowledge and supporting data that can inform and assist someone in preventing or responding to a specific threat.

Threat intelligence is developed from data that is collected, correlated, processed, analyzed, and refined into an assessment of a threat actor’s intended target, motivation, behavior, tactics, and likely objective.

The purpose of threat intelligence is to allow security practitioners to make informed decisions that are timely, relevant, and actionable, allowing them to protect their people and assets from dangerous threat actors.
 

Who Benefits from Threat Intelligence?

 
Any organization with sensitive or abundant digital assets will benefit from some form of threat intelligence.

Whether you are a small firm with limited resources or a large organization with vast data and a team of analysts to protect you, threat intelligence can help you defend your organization with greater accuracy, efficiency, and timeliness.

The Growing Importance of Threat Intelligence

Threat intelligence refers to knowledge and supporting data that can inform and assist someone in preventing or responding to a specific threat.

Threat intelligence is developed from data that is collected, correlated, processed, analyzed, and refined into an assessment of a threat actor’s intended target, motivation, behavior, tactics, and likely objective.

The purpose of threat intelligence is to allow security practitioners to make informed decisions that are timely, relevant, and actionable, allowing them to protect their people and assets from dangerous threat actors.

Enterprises Need Threat Intelligence, Not Threat Data

 
Unfortunately, cyber threat “intelligence” (CTI) vendors have hijacked the meaning of threat intelligence, creating confusion about its real value. The CTI market, estimated to be in excess of $10 Billion, consists primarily of vendor offerings built on the idea of collecting the broadest data lakes and using AI and machine-learning to detect known threats.

What these cyber vendors call “threat intelligence” is really “data” refined by proprietary artificial intelligence engines in an attempt to make it more relevant. Proper finished intelligence must be defined as being timely, relevant, and actionable. In order to be useful, it must also be client-specific.

Developing finished intelligence requires rigid adherence to the predefined collection, processing, exploitation, and dissemination threat lifecycle and analysis by experts with an adversarial mindset.

True Threat Intelligence Isn’t Just

Maximizing the Value of Intelligence

 
The information provided by threat intelligence should allow security practitioners to make timely and informed decisions to protect their people and assets. Unfortunately, 82% (See source 8 in appendix) of security leaders feel their threat intelligence is too reactive, leaving teams to respond to breaches after the event instead of before the attack. Organizations don’t want to respond to attacks, they want to prevent them.

The Value of OSINT is in the Analysis

Maximizing the value of open-source information and refining it into actionable intelligence requires a rare combination of skills and experience across a wide array of intelligence domains, including HUMINT, SIGINT, GEOINT, IMINT, and FININT. For example:
 

• Geospatial (GEOINT) and imagery (IMINT) intelligence experts can establish a pattern of life from photos posted on social media.
• Online scams on social platforms often point victims to crypto wallet addresses. Financial intelligence (FININT) experts can track transactions to and from the address.
• Human (HUMINT) intelligence skills are now leveraged in cyber space, allowing for direct threat actor engagement, report building, and infiltration of closed forms.
• Signals intelligence (SIGINT) expertise is no longer required to track active flights, as flight data, including aircraft registration, position, altitude, and velocity, are now widely available online.

The Rise of Managed Services

 
With so much financial pressure falling on business leaders, cutting costs can be necessary for survival. But being understaffed and ignoring key business operations is not an option.

As they say, “you can’t cut your way to growth” – and with so much of companies’ security and intelligence dependent on expensive technology and resources, leaders know they must evaluate alternatives that give them flexibility while continuing to advance their operations.

For many years, companies have needed help supporting infrastructure while simultaneously modernizing for the future. Managed Services Providers fill that need by providing technology, IT expertise, and resources as a pay-as-you-go subscription service.

Not only can businesses upgrade and expand technology and tools, but they can also reduce or eliminate upfront costs and capital expenditures (CAPEX) in exchange for committing to a subscription contract with their MSP partner. Unsurprisingly, managed services adoption grew ~60% faster from 2008-2010 than in years prior.

The Rise of Managed Services

 
With so much financial pressure falling on business leaders, cutting costs can be necessary for survival. But being understaffed and ignoring key business operations is not an option.

As they say, “you can’t cut your way to growth” – and with so much of companies’ security and intelligence dependent on expensive technology and resources, leaders know they must evaluate alternatives that give them flexibility while continuing to advance their operations.

For many years, companies have needed help supporting infrastructure while simultaneously modernizing for the future. Managed Services Providers fill that need by providing technology, IT expertise, and resources as a pay-as-you-go subscription service.

Not only can businesses upgrade and expand technology and tools, but they can also reduce or eliminate upfront costs and capital expenditures (CAPEX) in exchange for committing to a subscription contract with their MSP partner. Unsurprisingly, managed services adoption grew ~60% faster from 2008-2010 than in years prior.

Nisos Managed Services

Nisos Managed Intelligence™ delivers client-specific threat intelligence as an analyst-led managed service. We help businesses identify, analyze, and remediate threats across physical and cyber intelligence domains.

Our services support cybersecurity, corporate security, trust & safety, physical security, and corporate reputation teams with finished threat intelligence to enable smarter defense and informed response to threats from motivated adversaries.

We help our clients defend their organizations, preserve value, and prevent loss, as well as defeat, and attribute threats. Our in-depth understanding of the adversarial mindset helps us provide clients with in-depth insights into how someone could compromise your assets.

The Nisos Process

 
Using proprietary technology and datasets, Nisos delivers tailored intelligence with specific insights into targeted adversary behavior – not vague or generalized “threat data” or “feeds.” Nisos fuses intelligence with expert investigative tradecraft to identify and disrupt cyber threats before harm occurs. When necessary, Nisos investigators attribute and unmask adversaries so clients or law enforcement can pursue appropriate action.

• Digital threats to the company
• Company sentiments and threats on social media and forums
• Company information on hacking forums
• Company information on dark web marketplaces
• Threats to C-Suite executives

Sources:

1. 1. https://www.mckinsey.com/~/media/McKinsey/Business%20Functions/Risk/Our%20Insights/The%20emerging%20resilients%20Achieving%20escape%20velocity/The-emergingresilients-Achieving-escape-velocity-v3.pdf
   2. https://www.atlanticcouncil.org/content-series/the-5×5/the2010s-a-cyber-decade-in-review/
   3. https://www.atlanticcouncil.org/content-series/the-5×5/the2010s-a-cyber-decade-in-review/
   4. https://www.statista.com/statistics/817918/number-of-businessbankruptcies-in-the-united-states/
   5. https://www.checkpoint.com/downloads/resources/cyberattack-trends-report-mid-year-2022
   6. https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/ RWMFIi#page=58
   7. 2022 Ontic State of Protective Intel
   8. Nisos – Vanson Bourne Survey
   9. Nisos – Vanson Bourne Survey