Skip to main content
      Request a Quote

      Proactive Intelligence-Led Security for Business Success

      Learn how intelligence-led security transforms your business. Integrate intelligence across departments for proactive risk management and smarter decisions.

      By: Mike Evans, Director Risk Intelligence Center, Securitas Group

      Risk intelligence plays a crucial role in safeguarding a company’s people, property, and brand reputation. When used effectively, intelligence not only enhances security but also provides business leaders with a strategic edge in decision-making.  

      If intelligence is so valuable, why aren’t companies using it to their full advantage? Companies still struggle to conduct intelligence operations — collecting, analyzing, and using information to mitigate risks and improve operations. Poor intelligence operations lead to unclear requirements, siloed teams, and reactive approaches. 

      Security teams face an even tougher challenge: integrating intelligence across the organization. Even when intelligence is gathered effectively, it fails to benefit the organization if it doesn’t reach key decision-makers. 

      To change this, companies must transform intelligence from merely passive information collection in siloed departments to an active participant in both security and business operations.  

      Passive intelligence operations lead to underwhelming results 

      Today’s security landscape is evolving at a breakneck pace. From emerging cyber threats to threats against people, property, and brand reputation, combatting risk never ends.  

      Intelligence helps organizations stay in lockstep with threat evolutions, offering leaders more opportunities to thwart risks and make informed decisions. Yet, for such a vital function, many organizations apply outdated approaches to intelligence gathering, usage and team structure, leaving them vulnerable to exploitation. 

      To start, many organizations do not clearly define their intelligence requirements or management to support operations. For instance, it is common for intelligence teams to get a directive like, “I want to know about protests or terrorism nearby.” Information on those topics could be vital, but organizations do not define expectations further or cover the impacts those events could have on their business.  

      Many security teams use open source intelligence (OSINT) to meet those requirements. OSINT is often cost-effective and easier to access, but alone, it provides an incomplete picture and can miss threat signals or indicators not publicly reported. Still, many organizations rely on passively collected OSINT through intelligence tools, hampering their overall risk readiness.  

      Passive collection, tool limitations and unclear priorities mean teams cannot adequately analyze incoming intelligence and think critically to identify threats or opportunities. Without direction and strategy, they send every alert up the ladder, whether it carries context about potential business impacts. Intelligence teams then field complaints on how reports do not address what leaders want to know. 

      What is common throughout these challenges? Many organizations remain reactive, failing to actively gather, analyze, and apply intelligence to strengthen their security posture and operations. 

      Take control with an intelligence-led approach to security 

      It is time to empower intelligence to actively lead organizational security. Businesses should focus on capturing requirements, using all appropriate sources, and integrating intelligence across their organizational structure to establish an intelligence-led approach. 

      Moreover, you can adjust operations within your current intelligence cycle, allowing security teams to adapt quickly. How might this look in your organization? Consider the four major cycle steps: 

      Direction 

      Direction involves identifying and prioritizing intelligence requirements across the business. Leaders should pin down the organization’s objectives and relevant context. Review and update your objectives and risks every three months to reflect a fast-changing risk environment. 

      Collection  

      Collection is the gathering of information from sources beyond OSINT. An all-source approach to intelligence gathering, including sources unique to your organization like employees, partners, and suppliers, resolves intelligence gaps and comprehensively answers intelligence questions. 

      Analysis 

      Analysis is the application of analytical techniques to interpret collected data. This extends beyond the usual red-amber-green ratings in risk matrices. Explore tools and emerging technology that offer more sophisticated analytical methods to produce valuable insights. 

      Dissemination 

      Dissemination is the sharing of intelligent findings across business functions. Many organizations fall short by limiting dissemination to security teams. Intelligence needs clear routes to reach decision-makers across the organization. 

      Intelligence-led security transforms a reactive process into a proactive, value-adding business function. 

      Integrating intelligence throughout your organization 

      Intelligence accomplishes more when properly integrated with your company’s operations in every department. How might that play out?  

      Recall the vague requirement: “I want to know about protests or terrorism nearby.” Recently, an organization with clear requirements around this topic identified a particularly disruptive protest planned to occur three months later. Identifying the potential threat early and communicating to stakeholders allowed leadership to manage risk through actions like: 

      • Monitoring for suspicious behavior 
      • Posting signs to deter trespassing 
      • Obtaining a court injunction to allow police to intervene sooner 
      • Communicating across departments like HR, operations, legal and communications to coordinate external efforts 

      The company mitigated millions in potential disruption costs by leading with intelligence, showcasing how proactive intelligence can deliver better security and business outcomes. Throughout this operation, the company’s centralized intelligence function provided a single view of the truth and led coordination efforts, outperforming siloed teams working in isolation. 

      Proactive intelligence-led security can mitigate many risks, from handling threats against company leadership and disruption costs to analyzing broad market risks and preparing for crises like the COVID-19 pandemic or geopolitical conflicts. 

      Humans are here to stay in intelligence operations 

      Human-led integration efforts are increasingly vital as tools and systems evolve to take on more roles in supporting intelligence operations. Emerging technologies like AI promises comprehensive and automated data collection and analysis, drawing from a broader range of sources.  

      Yet, AI-powered tools are limited in their judgment and execution capabilities. Automated intelligence functions without direction and strategy can exacerbate the challenges of overwhelming information volume, context-less alerts, and siloed operations.  

      Successful intelligence integration requires a managed convergence between humans and machines. Human experts can use their judgment to make the best decisions and lean on technical systems to gather and present the most helpful data. Time saved on collection and analysis can go toward dissemination, ensuring a healthy pipeline of intelligence flows throughout departments. 

      Intelligence-led security protects and grows businesses  

      A lot of power lies within intelligence executed successfully. Integrated intelligence-led security breaks down the silos holding back most companies and empowers intelligence to augment every business function. 

      Transitioning from a reactive to a proactive posture takes commitment, direction, and time. That said, the threat landscape won’t wait for you. Use your intelligence data and build robust processes to direct, collect, analyze, and disseminate insights. Meet evolving risks head-on with intelligence-led security.

      ###

      About the Author 

      Mike Evans, Director Risk Intelligence Center at Securitas Group, is a risk and security leader with broad subject matter expertise and considerable experience spanning private and public sectors in multiple protective disciplines. In his role at Securitas UK, Mike has developed an industry-leading and award-winning security and threat intelligence service. Under his direction, the business transformed from a support service to a profit center, increasing revenues by 500%~ in year one, internal stakeholder reaches by 1000%~ within two years, and delivering intelligence and investigation services to some of the largest corporations in the world. 

      Set my preferences

      You can decide how we use cookies on your device by adjusting the settings below. Click on “Accept all” if you accept all cookies. If you do not accept us storing cookies that are related to Google Analytics you can leave the box empty. All other cookies that we use are considered as always active since they are required for us to let visitors interact with and use the websites. When you have made your choice, scroll down the list and then click on the “Confirm my choices” button in the bottom of the list.

      • Name:
        _ga

        Used to distinguish users. A unique identifier associated with each user is sent with each hit in order to determine which traffic belongs to which user. This cookie enables the website's owner to track a visitor’s behavior and measure the website's performance. The main purpose of this cookie is to improve the website's performance.

        Name:
        _gat

        Used to throttle request rates for information on the website. This cookie does not store any user information. The main purpose of this cookie is to improve the website's performance.

        Name:
        _gid

        Used to distinguish users. This cookie enables the website's owner to track a visitor’s behavior and measure the website's performance. The main purpose of this cookie is to improve the website's performance.

      • Name:
        ai_session

        Speeds up page loading times and overrides any security restrictions that may be applied to a browser based on the IP address from which it comes.

        Name:
        ai_user

        Unique user identifier cookie for counting the number of users accessing an application over time.

      • Name:
        ARRAffinity

        Routes the request made through a web browser to the same machine in the DXC cloud environment. See ARRAffinity - Microsoft Azure. This cookie is deleted when you close your browser.

      • Name:
        __cfuid

        Speeds up page loading times and overrides any security restrictions that may be applied to a browser based on the IP address from which it comes.

      • Name:
        CookiesAccept

        Used to keep track of whether the user has accepted the cookie usage or not. This is not set unless the visitor has clicked on "Accept" in the cookie banner in the bottom of the website. The main purpose of this cookie is to improve the website's performance.

      • Name:
        EPiForm_{FormGuid}:{Username}

        Stores partial form submissions so that a visitor can continue with a form submission upon return. One cookie is created for each form and each logged in visitor. Stores the current submission status of the form (formGuid, submissionID, and if submission is finalized or not).

        Name:
        .EPiForm_BID

        Identifies the form submission made to the site when a visitor submits data via an Episerver form. Stores a GUID as the browser ID.

        Name:
        .EPiForm_VisitorIdentifier

        Identifies the form submission to the site when a visitor submits data to via an Episerver form. Stores a GUID which is the visitor identifier. Persistent (90 days from creation).

      • Name:
        EPI-MAR-<Content GUID>

        Records a visitor’s interaction with a running website optimization test, to ensure that a visitor has a consistent experience.

      • Name:
        ASP.NET_SessionId

        Used to keep track of a user navigating through the website. This is used to transfer information between pages and to store information that the user might reuse on different pages. The main purpose of this cookie is to improve the website's performance.