It’s clear that cybersecurity has become an imperative for channel partners to sell, but it’s evolving so quickly that it can be difficult for technology service providers’ knowledge base to keep up.

Sometimes we need to go back to basics, especially in a sector that’s constantly changing. And that involves taking a look at what encompasses the “threat landscape.”

Center for Threat Intelligence’s Janet Lawless

During her presentation, “What the Heck Is a Threat Landscape?” on March 11, part of the security conference track at the Channel Partners Conference & Expo, Janet Lawless, CEO and founder of the Center for Threat Intelligence, will offer a primer on what threat landscape means in a 2020 context. She’ll walk attendees through what to pay attention to, what threats partners absolutely must address with their customers and – most importantly – exactly how to approach modernizing cybersecurity strategies in today’s technology channel.

In a Q&A with Channel Futures, Lawless provides a sneak peak of the information she plans to share with attendees.

Channel Futures: How has the threat landscape evolved and what’s changing in 2020?

Janet Lawless: Threats have become more sophisticated, incorporating holistic strategies and tactics that often include a combination of cyber, physical, technical and human components. While financial and personal gain have generally ranked high in regards to motivations, the changing geopolitical landscape, including economic sanctions, has nation-state actors focusing their vast resources on financial targets. In addition, nation-states and other criminal groups will continue to focus on the theft of intellectual property to enhance business and financial gain.

CF: What are partners most commonly missing and not paying attention to in the current threat landscape?

JL: Most companies focus their budgets and resources on attempting to stop and/or limit cybersecurity breaches. Millions of dollars are spent on software and hardware products. These products are needed and provide necessary measures for addressing cybersecurity. Clients are often so concerned about a network breach that they fail to see critical signposts of potential attacks using other methods such as insiders and physical tactics, etc. Partners need to address the business goals and risks of an organization in order to promote a goal of holistic security to address the changing threat landscape. They need threat intelligence.

CF: How should the current and future threat landscape be shaping partners’ cybersecurity strategies?

JL: Partners should think out of the box and help customers assess the true threat landscape by offering threat intelligence services. These should include an organization-wide threat intelligence assessment that includes an analysis of adversarial focus, strategies and tactics, and other key components to get a true picture of the actual threat risk, and who is likely to be targeting them. A threat intelligence framework can help build a comprehensive program and help companies get ahead of the game. A high-level overview of Center for Threat Intelligence’s threat-intelligence framework will be presented during the session.

CF: Is the threat landscape a gauge for what’s working and not working in cybersecurity?

JL: Yes. Once again, adversaries are sophisticated and clever. If you are a target, they will send in insiders, hack technology and find a way into your networks. Threat intelligence focuses on building strategies, awareness and processes that stop the bad guys before they achieve a hold in organizations. We train people on cybersecurity awareness, and yet companies are still in the news for breaches. In order to win the cyber war, we need to implement threat intelligence strategies to keep our clients protected.

CF: What do you hope attendees can learn and make use of from your session?

JL: Understand that security is not just about cyber. As I have mentioned, our adversaries are well funded, clever and using tactics that are well developed and, sadly, work well. Attendees should think about a more holistic approach to cybersecurity and corporate security by incorporating threat-intelligence strategies to proactively prevent attacks before they happen. Importantly, attendees should realize that a small four-person company with leading-edge intellectual property is just as likely to be a target as a multibillion-dollar organization.