Corporate Threat Intelligence 101

Published: Jan 24, 2019
Modified: Mar 24, 2020


What is corporate threat intelligence?Corporate threat intelligence is the proactive, holistic, and constant collection, analysis, and dissemination of information that predicts and monitors the specific threats and risks facing a corporation. It improves situational awareness by giving leaders the information they need, at a glance, to make quick and informed decisions.


Why do corporations need a threat intelligence program?
Threat intelligence helps leaders identify challenges before they negatively impact operations, reducing the risk of getting caught off guard, and allowing the organization to take the steps necessary to prepare in advance for adverse events.

A quick read through a recent edition of the Economist, for example, highlights how corporations are navigating the perils of transnational business. Many of our clients source large amounts of materials from China. This made sense in the past when China’s industrial base was new and labor extremely cheap. Even now as labor costs rise, China’s robust infrastructure and improved technology at factories lowers the cost of employing people.

China, however, is also growing richer and older. An increasingly skilled and sophisticated workforce is demanding more pay, while the workforce is shrinking as the population ages. This means that in the next two decades, there will be fewer and fewer available workers willing to work for low pay. Add in the growing strength of the Yuan, increasing shipping cost, China’s growing economic and military dominance in the region, and the potential for trade disputes with the U.S., and you end up with the likely scenario that China will soon become a less cost-effective place to do business than it once was.

The seemingly obvious solution to this is to move operations to other countries in the region, such as Malaysia, Vietnam, or Indonesia; but none of these countries has the reliable supply chain infrastructure and stable business and political environment found in China. A robust threat intelligence program can not only help a corporation understand these risks in the context of its business operations and strategic goals but can also ensure that leaders have the right information at the right time to make the best decisions for the company. A threat intelligence program can also identify options not immediately obvious, such as the benefits and risks of opening operations in politically liberalizing countries such as Myanmar.

Effective Threat Intelligence Is:

• Proactive. A robust threat intelligence program will also substantially improve situational awareness by presenting information about the entire operating environment and potential threats in a customized and easily understood format. This will allow decision makers to immediately understand the pressing risks they face and how those risks could impact operations.

By enabling corporations to understand both their internal and external threat environment before a crisis occurs, a threat intelligence program can help companies to properly prepare for or prevent a crisis before it happens. The program can alert decision makers to potential political or civil disruptions in unstable countries that could jeopardize the safety of employees and operations; it can help leaders understand and mitigate the risks of placing physical infrastructure in locations prone to natural disasters; or it can provide information about the most stable and secure supply chain routes.

• Holistic. A robust threat intelligence program takes into account all threats, including geopolitical risk, environmental trends and threats, civil unrest, industrial action, crime, terrorism, war, social activism, cyber threats, corruption, and transparency of business. It also monitors for internal threats such as poor or nonexistent resiliency plans, abnormal patterns in incident reporting, worker conditions in foreign plants, and third, fourth or fifth-party business partners, to name a few. It views these threats in the context of an organization’s operations, and presents an accurate and focused picture of the specific threats a company faces and the potential impacts of an adverse event. It may also provide threat mitigation recommendations.

This means that not only does a threat intelligence program monitor tornado activity for a distribution center in Kansas, it also takes into account the ongoing shipping strike impacting the flow of goods into and out of the center and the geopolitical activity taking place in the region where the goods are sourced. This information, combined with other intelligence, provides a strong overview of the threats facing the Kansas distribution center, and operations as a whole.

But it doesn't end there. Threat intelligence also takes a macro view, for example, by identifying threats to all distribution centers in the company’s entire network. An effective threat intelligence program will present this information in an easily digestible way for the end user.

• Constant. The program must operate in real time, monitoring events around the world 24 hours a day, 7 days a week. This is critical because neither the company nor its threat environment is static. As a company evolves, so do its risks and the threats it faces. New threats may appear while old ones change or disappear. A robust threat intelligence program constantly monitors these changes and alerts decision makers whenever a change impacts the threat environment. This empowers leaders to understand the company’s footprint on a day-to-day basis and to increase organizational situational awareness, as the world changes.