Welcome to IntelligenceArts.
We provide analysis and services that help our clients extend their business internationally while protecting their people and property from cyber threats. As former U.S. Intelligence officers, we have decades of experience with global threat actors, and our deeper insight helps our clients to recognize and defend themselves from cyber threats. We analyze our clients’ cyber threat landscape and implement a holistic cyber security strategy that builds a strong, secure, and well-informed organization.
Our services
We help you understand threat, make decisions about your countermeasures, and bring your entire organization together to protect your cyber assets.
Threat Landscape
Security starts with information: who creates threat for your organization? What do they want? How does your company fit into their plans? And just how good are they?
Risk Assessment
Threat is about possibility, whereas risk is about likelihood. We get you from threat to risk so you can begin making informed decisions for your security.
Security Strategy
Your cyber and human security resources can work together to strengthen your company across the board. Our approach unites every aspect of your security program.
Threat Landscape
We show you who is out there, what they want from you, and how they can damage you.
Threat derives from the motivations and capabilities of adversaries.
An adversary is driven by a purpose: to monetize data assets as quickly as possible for financial gain; to acquire information for strategic use; to steal technology; to despoil the public face of a perceived enemy. You need to see your organization as others do: where do you fit in someone else’s plans?
But wanting to attack you doesn’t create threat unless the adversary also the right capabilities. Hacking, trade secret theft, and economic espionage have costs. We show you where your adversaries stand: the resources they have at hand, their level of technical sophistication, the pool of talent from which they can draw. We track their development and assess what they can bring to bear against you now as well as how they can develop new capabilities to evade your security program in the future.
Supercharge your threat analysis.
Want to derive maximum value from your in-house threat analysis team? We develop specialized analysis products, conduct tune-ups to sharpen your team’s focus and effectiveness, and provide ongoing consulting and advisory support. And if you don’t have your own internal threat analysis unit, we can do it for you.
Build upon a strong foundation.
Your threat landscape is the starting point for strengthening your entire organization. The next step is a threat-based risk assessment that helps you make decisions for deploying your limited security resources. Then, we help you design a holistic security strategy that addresses human, cyber, and physical threats.
Threat-Based Risk Assessments
Our approach eliminates information overload.
First: Risk starts with threat.
Are you a target for hacktivists? What about China? Or your competitors? To get from fear to reality, you need to understand your adversaries. What do they want? What economic and political factors drive them to target your company’s technology and expertise? Do they have the capabilities to target your cyber systems and people? As former U.S. Intelligence officers, we know these adversaries, what they want, how they think, and what resources they have to pursue their objectives.
Second: Consequences matter.
A security breach is embarrassing, but the lasting impact to your business is financial loss. Of all the possible security compromises that your adversaries could cause, which ones would create actual financial consequences for you? We help you assign relative values to security compromise, and then we prioritize the threats that can do real damage to your business. You see threats ranked by the outcomes of greatest concern to your company.
Third: Focus and depth.
We’ve identified the adversaries who have the will and capability to do you harm. We’ve ranked the outcomes that would do the greatest damage to your business. Now that we’ve reduced the field, we focus on the vulnerabilities that enable these outcomes. We understand how cyber and human vulnerabilities enable each other, and how far a determined adversary will go. You get a defense-in-depth strategy across your physical, cyber, and human vulnerabilities.
Security Strategy
Our strategy has eight elements that work together. They’re not steps: each can be pursued in parallel with the rest. Our methodology builds out each element individually, sets up relationships with the rest of your organization, and connects the parts into a whole.
Get a real risk assessment
Our process takes you from the infinite possibility of threat to the real-world likelihood of risk. You get a roadmap that doesn’t just guide you but also helps you communicate with the rest of your organization and explain your decisions. We reduce the meaningless noise so you can focus on your company’s specific security priorities.
Harden your systems
Our threat-based risk assessment shows you the systems that are critical to your company’s value and that are targets for capable and motivated adversaries. We work with you to assess whether the security tools you have are properly configured and utilized to address the threats you face. If you need more, we suggest additional tools to help you. Our goal is to make the most of your existing security investment and make every additional security dollar count.
Harden your people
Others say that people are your greatest security liability, but we believe that when you equip and inform your people, they will become your strongest security resource. Give your people the context and training they need to understand the threat landscape and their role in your security, and they become your eyes and ears. We help with training and information that transforms your workforce into a security force.
Block targeting
Before you are attacked, you are targeted. As former U.S. Intelligence officers, we studied national security targets to find human and technical vulnerabilities, and we use the same analytic process and operational thinking to help you improve your security. Our Targeting Studies show you how an adversary can profile your organization and people from the outside, making his attack more effective. We suggest ways to reduce preventable information leaks and how to minimize the consequences of the leaks you can’t control.
Work with your supply chain
These days, your partners’ security is also your security. We help you strengthen your security relationship with your trusted supply chain partners. If a supplier is in a risky environment, we show you ways to protect yourself while still maintaining your business relationship. We help with market entry strategy, security plans, and contract reviews to make your supply chain as secure as possible.
Develop industry awareness
Predators divide the herd into individuals. If you don’t stick together with your peers and use every defensive resource in your environment, you risk being picked off and taken down. We facilitate industry exchanges with discussions, seminars, and topical presentations. We can help you get more from your government liaison relationships by asking the right questions and understanding the roles and limitations of each agency.
Develop adversary awareness
Your threat landscape is constantly evolving: as your security improves, your adversaries have to work harder to penetrate you, and they will adjust and improve their techniques. We track your adversaries and keep you updated on their new capabilities so you can prepare for what’s next.
Learn from what is happening to you
Every security incident is also an opportunity: choose to learn from what happened and you can improve your security and avoid repeating the same mistakes. Our idea of incident response covers past, present, and future: what happened to enable the incident, what the true extent of the incident is now, and what the adversary will try next.