Gather and act on intelligence, says KPMG report
UK organisations may accept that cyber threats are growing, but many do not have the capability to adequately deal with online attacks.
According to a report by KPMG, business leaders should adopt the same tactics used by law enforcement agencies to ensure their focus is on the right risks and intelligence is gathered in an orderly, rather than reactive, manner.
It recommended three principles that it said will help organisations manage the cyber threat proactively and minimise risk: create an intelligence-led mind-set, implement an intelligence operating model; and build an intelligence-led decision making process.
Malcolm Marshall, KPMG partner and head of the firm's information protection and business resilience team, said: “Increased awareness of cyber security threats is a positive trend, but indications are that organisations now need to focus on putting into place the fundamentals of intelligence management to gain real value from what they know.
“It's the absolute minimum required to instil confidence among board members. No organisation can dedicate resources to counter every threat. With limited public funding, law enforcement agencies have learned hard lessons in how to prioritise threats and allocate resources. Cyber threats are no different.”
The report claimed that organisations should be using intelligence to protect information assets, customer data and shareholder value. This will involve gathering information, analysing it to identify the offender, victim, what was being targeted and time – specifically are there any temporal patterns regarding cyber attacks and are your information assets more vulnerable at certain times?
Following this, look to build an intelligence-led decision making process, which in law enforcement and intelligence organisations, helps informs all core business decisions.
Marshall said: “It should be possible to identify core vulnerabilities and the potential impact of loss or denial of access. In other words, intelligence collection should be informed by an understanding of the priorities of assets and constantly mutating threats and vulnerabilities.
“Just as law enforcement agencies use intelligence to protect the public, organisations should be doing the same to protect information assets, customer data and, ultimately, shareholder value.”