Wait, another Cyber Threat Intelligence vendor? Not exactly. The threat intelligence industry is alive and well and looking forward to the future it seems to be doing nothing but growing! (ResearchAndMarkets.com estimates that the Threat Intelligence Market will grow from $5.3bn in 2018 to $12.9bn by 2023! Why wouldn’t we jump on that, right!?)
Reqfast is not trying to compete with all of the amazing intelligence providers that already dominate the market – Our mission is to help the consumers get the most value out of their providers. There are intelligence tools, portals, and platforms a-plenty – all have their strengths and weakness and our interest is not really in that side of the intelligence business equation. Our focus, instead, is on the direct consumers of all of that intelligence information, usually the Cyber Threat Intelligence (CTI), Incident Response, and Risk/Fraud Intelligence teams.
From our time spent both working as an intelligence customer and then working directly with private sector intelligence teams, we have learned quite a bit about the threat intelligence market from both sides. One of the most surprising observations we made was that although threat intelligence vendors are getting better and better at providing top-notch intelligence information, customers are still struggling with how best to use that information. Again and again, we have heard the same phrases from CTI teams – “We don’t know how to show value!” “We are not sure if our customer, the CISO or whomever, is even reading what we write!” “Everyone talks about actionable intelligence, but we keep getting told that what we produce isn’t actionable!” And these statements are not just from small, 2-person shops. We have had the same conversation with teams from “advanced” financial institutions with multi-million-dollar budgets!
So why is that? Well, for various reasons, but mainly it is because what the private sector adopted from the US Government’s Intelligence Community (IC) was not what was important. Companies were quick to incorporate the sexy terminology and buzzwords, like “INTREPs” for intelligence reports, or “SPOTREP” or “FLASH” reports for breaking news. They have “collections” and “sources” and Requests for Information (RFIs). Some are even gathering “Priority Intelligence Requirements” (PIRs)! All that is well and good, and many intelligence practitioners leaving the IC will feel right at home with all the jargon (I know I did!). But unfortunately, the IC lexicon is the least important aspect of the overall intelligence function! The private sector failed to bring over the fundamental process and methodology that makes the IC so powerful and effective.
Our primary goal is to enable CTI teams to develop their own policies, procedures, and methodology, founded in trusted IC principles, but developed with the customer’s culture and environment in mind. Threats are ubiquitous. ($12.9bn doesn’t come from nowhere!) But risks are personal – unique to each customer. Therefore, Reqfast strives to help build the customer’s intelligence function to be just as unique and dynamic. We do this through on-site consultation, education, and the use of our web-based, proprietary toolset.
We are excited to be one of the newer members of the threat intelligence market, and we hope to quickly establish ourselves as advocates of intelligence customers and partners of intelligence vendors. We’re looking forward to the opportunity!
Reqfast.com / (623) 850-1734