In episode 56 of The Cyber5, we are joined by Ray O’Hara, Executive Vice President for Allied Universal.

We discuss the use of intelligence for corporate security programs, usually overseen by a Chief Security Officer (CSO). We talk about some of the challenges this role faces and how intelligence can be actionable to mitigate those risks. We also work through various case studies, talk about metrics for success, and what technology platforms are used to aggregate intelligence that might be useful in the future.

Four Topics Covered in this Episode:

1. Role Shift for Chief Security Officers (CSO)

• For many large organizations, the chief security officer is the chief strategist for organizing the holistic security strategy and obtaining board approval for the organization.
• CSOs are no longer in the day-to-day planning around “guns, guard, and gates.” Instead, they are more strategically focused on business continuity, emergency planning, and crisis management.
• Risk to business leaders drives the daily activities of CSOs. They need to understand that other business leaders may choose to work around the threat to execute against profit and loss.

2. Intelligence Sources for Chief Security Officers

• Having a dedicated intelligence analyst is an important asset to a chief security officer.
• Emerging markets, information on key suppliers, as well as competitor data is routine tasking for an intel analysis who is subordinate to the CSO.
• Since security is a necessary cost center on the administrative function within organizations, intelligence analysts need trusted partners to handle the collection and analysis side of intelligence, including social media. Additionally, intelligence analysts ensure that collection and analysis are tailored to business management requirements.

3. Sentiment Analysis Combines CISO and CSO Functions

• Negative sentiment analysis against a company's brand traditionally falls within the CSO's GSOC function. However, this responsibility is starting to move toward information security due to threats to confidentiality, integrity, plus the needs for availability of data, systems, and networks from the Dark Web. As long as coordination is present, it doesn't matter whose lane covers social media sentiment analysis.

4. Social Media Monitoring Critical For Reducing Executive Protection Resources

• Executive protection is expensive when a physical security threat escalates. Effective social media monitoring and direct threat actor engagement help to derive the most accurate protective intelligence. They can be a more cost-effective way to monitor the danger without having 24x7 surveillance.