Every day we engage with risk and threat analysis professionals – from corporate security officers through to GSOC team leads – on the pressing challenges they face. Often when they are asked, “What are the biggest challenges you face, and how can we help you overcome them?” they respond thematically, highlighting an unfolding risk development. Something along the lines of, “Continual monitoring of the conflict in Ukraine is stretching my resources”, or “I’m finding it hard to keep on top of relevant cyber risks”.
Threat and risk assessment professionals seldom raise, at least initially, the continual challenges they face in extracting the utmost value from intelligence tools. However, after drilling down, this represents probably the single most consistent challenge we regularly encounter – how users get the most and best from the solutions they have access to. This can be the case when both driving the continued adoption of the existing resources that a team already has access to, or for new solutions that a team is potentially considering implementing.
An analysts’ time is more stretched than ever – and even if a solution has been identified as highly beneficial – if it is time-consuming to adopt (or even perceived to be that way), that solution runs the risk of either becoming an additional burden on top of existing time pressures, or worst-case-scenario – becoming poorly utilized.
This is a challenge regardless of organization size; it can impact smaller security functions, with access to one or two platforms, and the largest, with access to multiple resources.
Implementing a solution that utilizes artificial intelligence and machine learning to provide insights can further compound this challenge. It’s typical to encounter a healthy skepticism within the security and risk community of the ability of artificial intelligence and machine learning to provide a useful input into risk management workflows.
Many times, this has justifiably been borne out of previous bad experiences. How many of you reading this have trialed an artificial intelligence (AI)-based incident monitoring service, for instance, only to find that you have received a high volume of largely meaningless alerts, or alerts which have been impossible to assess for their contextual significance?
Driving a successful implementation of such a platform is even more difficult as you seek to overcome such skepticism and reassure a user base that AI-derived outputs are a trustworthy and explainable input into their reporting.
There are several options to help risk professionals overcome these challenges, including:
- Augmented analytics solutions – Augmented analytics, where AI-derived insights are curated and contextualized by continual feedback and complimentary analysis from an on-the-ground analyst team, represents the next evolution of risk management platforms.
Building a capability that can harness the power of AI when it comes to proactive risk monitoring – but also delivers complimentary forward-looking, operationally-focused insights from analysts – not only provides users with a unique intelligence capability, but also helps drive credibility and trust in the platform.
A risk monitoring solution becomes uniquely powerful once it enables a user to say, “Here’s a proactive AI-derived change in stability in a country, and here’s further relevant qualitative analysis from a trusted source saying why that’s important for us”. Not to mention the confidence that it creates because the human expertise is training and honing the AI content outputs.
- Equal investment in sales and customer success functions – Intelligence solutions cannot be sold on a “fire-and-forget” basis. An empowered customer success function, one that engages with a customer throughout a sales cycle and into the subscription term, is vital in driving adoption and utilization.
Having a team who wholly understands the platform and customer’s needs can actively share best practices about how to use the service, regardless of a customer’s area of interest; they are the best means of driving adoption and trust in a platform. Delivering this support as a complimentary, integrated part of a solution is critical, whether that support comes from large-scale, on-site workshops or tailored sessions for new individual users.
- Continuous development and enhancement of the platform – Naturally, a platform needs to also be capable of supporting a user in an intuitive, user-friendly manner, regardless of the content that it provides and the support that comes with it.
Continuous feedback from customer success teams helps further enable product teams to actively prioritize developments that are most meaningful for an end user.
The challenges outlined here represent ever-moving targets. As users and customer requirements change, and as solutions continue to evolve, intelligence providers need to ensure that driving adoption and trust in their platform forms an integrated, continuous part of their commercial and product development processes.