Takeaways from Predict 2022 – The Intelligence Summit
Editor's Note: Jake Munroe is a Principal Product Marketing Manager at Recorded Future and is in charge of the strategy and product marketing of the Recorded Future Intelligence Cloud which supports all cyber and physical security teams with real-time, actionable intelligence. He has held various roles across the security space in consulting, marketing, and sales. Prior to joining the private sector, he served as a Navy Intelligence Analyst with an extensive background in counterterrorism, cyber threat intelligence, and open-source intelligence investigations.
Recorded Future's most recent annual intelligence summit, Predict 22 in Washington, D.C., was our first in-person Predict conference since 2019, and it definitely did not disappoint! We had representation from many cyber and intelligence professionals, policymakers, and intelligence visionaries. I was fortunate enough to sit in on sessions and talk to clients, industry leaders, and security analysts. In sessions and in conversations, I kept hearing various versions of three different themes. It just so happens these themes are topics I have consistently heard in ongoing discussions with clients and practitioners over the past year.
The three key takeaways I kept hearing were:
- Cyber & physical threat convergence isn’t just a buzzword
- Intelligence maturity continues to increase
- Security teams need more collaboration
I want to unpack these a little more…
Let’s start with the topic of convergence. While the problem of threat convergence has been around for a very long time and is actually something that we at Recorded Future have talked about a lot over the years, almost every session on the first day mentioned “convergence” in some form. From Chris Krebs talking directly about the challenges of convergence, to a CISO in answering the age-old question of “what keeps you up at night?”. The War in Ukraine has absolutely accelerated the use of the term and it has become a mainstream concept used across security publications and marketing materials. Hearing from experts at Predict confirmed that this problem isn’t a buzzword but is actually one of the primary concerns facing security teams today. What I heard is security leaders actually need to understand and prioritize all of the threat vectors that could impact their organization – and teams can’t be siloed in their thinking. This includes cyber, reputational, physical, supply chain, and even dis/misinformation and influence threats. Many organizations are having a hard time wrapping their arms around it all as they have coverage gaps, cross-team silos that are hard to break down, and difficulty understanding geopolitical events with all the possible cyber/business implications. While there was no silver bullet presented, it’s comforting to know we as an industry are working towards solutions with clear outcomes to help prevent damage from adversaries.
Second, it really seems like there has been a sharp increase in intelligence maturity over the past year or so. The second day of Predict was filled with client sessions where they shared intelligence use cases and I was absolutely blown away by the innovative ways intelligence is being used. While there is no shortage of more foundational intelligence uses for tasks such as alert triage, brand monitoring, and indicator of compromise (IOC) enrichment, it was so cool to see some of the more strategic or advanced applications of intelligence. Things like using intelligence for software supply chain security, understanding how geopolitical events may affect both their global personnel and the markets they operate in, and helping to clearly prioritize security spend and control coverage based on prioritized threats to the organization. The main takeaway here for me was that with the ability of intelligence to be more automated for foundational use across security teams, analysts can now focus on putting intelligence to work to solve the big, complex problems they didn’t have time to look at prior.
Finally, this last observation kind of relates to the first two but I think it’s super important. The convergence of threats and the more strategic use of intelligence is awesome, but there still seems to be a collaboration issue. I heard from many folks that it's still incredibly tough to collaborate and share intelligence both inside and outside of their organizations. Silos are still in place and they are entrenched. When looking at the threat convergence issue, the cybersecurity team, physical security team, legal team, and others all have a piece of the puzzle. Still, if they aren’t talking and sharing intelligence they can never get to a common understanding of the entire threat landscape – and key indicators will likely be missed. Coming out of Predict, this seems to be the biggest area where improvement is needed and where having a common platform for intelligence can actually help organizations assess and mitigate threats.
To sum it all up, it’s great to see the power of intelligence being used for so many profound use cases and I’m glad that we are aligned on the primary problems facing organizations across all verticals. As intelligence maturity continues to increase, I can’t wait to see how we can collaborate even more and solve them together as a community of security and risk professionals. Be sure to keep an eye out for recordings from the Predict sessions so you can make your own assessments of the primary themes and learn about new ways you and your teams can put intelligence into action.
See how the Recorded Future Intelligence Cloud Platform enables you and your teams to tackle these three challenges, and much more. Request a demo.