Recently viewed a post from a billion dollar ‘threat intelligence’ company touting their million plus indicator-driven heat map. Great visuals showing estimated impacts and the like, but as with all such things, we always ask: So what? How does a million-plus indicator heat map apply to me? In most cases, it does not.
In intelligence, always ask: So what? There is nothing actionable. There is no direct org relevance. There is nothing showing indicator credibility and source validity. Data on a color map listing ATT&CK APTs based on estimates on two axes. So what?
This looks like an attempt to make use of data that ties to no one industry, much less an individual company. The eternal question always asked by CISOs, CIOs, and Intel pros is: What ‘intelligence’ do you have the applies directly to my company? Analyzed, after-the-fact indicators, are great to look at but there is nothing actionable there, right vendor?
Crickets since indicators on a heat map are just that. No intel here.
We ask again, “So what?”
