If the RSA Conference was any indicator, threat intelligence has finally joined the ranks of cloud and advanced persistent threat as ambiguous/overused terms that mean many different things to many different people. If you were given a dollar, pound or euro every time you heard "threat intelligence," there is no doubt you could fund your security budget for decades to come. Your biggest challenge would be determining how to invest some of that money into threat intelligence capabilities.

To help Forrester clients navigate the threat intelligence market I have several pieces of research underway. The first report, "The State Of The Cyberthreat Intelligence Market" has just published. In it I discuss the frenzied venture capital and vendor investment in the threat intelligence space.  I also provide guidance on how security and risk professionals should navigate the marketing hype to make the best investment of their limited resources. I am currently writing the second report "Market Overview: Threat Intelligence Providers." Here is a snippet from the latest research that illustrates just how much vendor focus we have seen. Since October of 2014:

  • There have been three acquisitions and eight fundraising rounds.
  • iSight Partners (Critical Intelligence) and Lookingglass (Cloudshield) have each raised funds and made an acquisition.
  • Of the acquisitions, only one company publicly disclosed the acquisition amount: $40 million (Proofpoint.)
  • The eight fundraising rounds raised a total of $102.5 million dollars.

One key point is that S&R pros mustn't succumb to the notion that they can just purchase vendor threat intelligence and all of their problems will go away. You may invest in external threat intelligence providers, but you will still need analysts to assimilate this third-party intelligence, fuse it with your own internally derived intelligence, and enrich it with unique knowledge of your business and its operations. For more details, please check out the report