Webinars · 2026.04.29 46 min

Webinar: Is Intelligence Reaching the People Who Need it Most?

A conversation with Seerist and The Clarity Factory on how security and intelligence teams can move from information delivery to decision advantage.

Melissa Newberg · Global Head of Intel, Seerist
Rachel Briggs · The Clarity Factory

A conversation with Seerist and The Clarity Factory on how security and intelligence teams can move from information delivery to decision advantage.

Recap

Is Intelligence Reaching the People Who Need it Most?

A conversation with Seerist and The Clarity Factory on how security and intelligence teams can move from information delivery to decision advantage.

Webinar transcript

The transcript is organized by chapter so readers can scan the conversation and expand only the sections they want to read.

Transcript chapters

00:00–05:33 — The decision gap in security intelligence

Melissa Newberg frames the webinar around a recurring challenge: security teams have more data and tools than ever, yet decision-makers still may not receive intelligence in time, in the right format, or with enough organizational trust to act. 0:00 Thanks everybody for joining. 0:02 I am Melissa Newberg. 0:04 I'm the Global Head of Intel here at Seerist. 0:07 And the problems that we're going to talk about today are ones I've kind of lived from both sides as a leader of Intel teams, but also as an analyst producing content for leaders. 0:18 So I thought we'd start this with a question kind of the impetus for having this topic in the first place. 0:27 You know, keep hearing from nearly every Intel and security leader that I talked to. 0:32 And, you know, our our teams, many teams are better resourced, better trained, more technologically capable, definitely than they've ever been before. 0:41 And so why isn't the right person getting the right intelligence before that decision window closes? 0:48 And this is really, you know, an age-old dilemma that probably resonates with a lot of people here. 0:53 You know, some people call this like the decision gap, the decision advantage where Intel doesn't reach the right person in the right format with enough organizational trust, which is key behind it to actually drive that decision. 1:06 And that is in fact sort of a two-sided problem. 1:09 There's, you know, the decision maker that's not getting intelligence and time to act in a way that they can reasonably ingest it. 1:18 And then there's the analyst, you know, the Intel professional, the security professional whose, you know, best work is often times dying in an inbox. 1:26 Both are are probably on this call today and both are describing sort of that same failure from opposite ends. 1:33 So today's conversation is really focused on that issue and we are grounded today in real data from the Clarity Factory's annual CSO survey, which is probably the most rigorous sort of independent benchmark of how we of, you know, of how we have security leaders experiencing those pressures in real time. 1:53 The 2026 survey is still open. 1:55 It's closing this week. 1:56 So if you are a CSO, a senior security leader, Rachel will share in the link before we closeout. 2:03 It's definitely worth your time to to take that and also to read last year's survey and the survey that will come out of this year's as well. 2:12 And I have the great pleasure of having this conversation with Rachel Briggs today. 2:17 And she founded the Clarity Factory and she produces a survey annually. 2:22 She is one of the most respected researchers in security leadership. 2:26 She advises CSOs and boards and she brings independent data that validates and sometimes challenges what practitioners experience on the ground from the CSO perspective. 2:36 So Rachel, thanks for joining us today. 2:38 Such a pleasure. 2:39 Thank you for having me and thank you to Seerist for sponsoring this year's CSO survey. 2:44 Very grateful for your support. 2:45 Thank you. 2:46 We are happy to. 2:47 I love the survey and any chance we can have to have real data to back up the things you are experiencing, you know, in real life. 2:54 It's fantastic. 2:56 So I'll first, I think it's worth setting the stage before we kind of get into the, the data and our conversation here. 3:03 And feel free to drop questions as well into the chat. 3:06 We can address them as we go or, or adjust them at the end. 3:09 But would love to hear, you know, how you all are thinking about this and questions that you might have that that we can address throughout as well. 3:16 But the, the operating environment has changed, you know, structurally, and this is not an incremental change. 3:22 We are used to operating in a world of episodic crises. 3:27 Something would happen, organizations respond, there's a recovery period, and then the dreaded Q word period of quiet. 3:35 That rhythm is just completely gone. 3:37 What we have now is really that continuous pressure, geopolitical whiplash, you know, conflict escalation across multiple theaters, trade disruptions, extreme weather, domestic political instability, perhaps in places that used to feel stable. 3:53 And that just doesn't stop that volatility is really the baseline now. 3:56 So what does that actually mean for intelligence and security teams today? 4:01 It it ultimately means that the bottleneck has fundamentally shifted and access to information kind of used to be the the advantage there knowing things others didn't, having sources others couldn't reach. 4:13 But that model eroding very fast also based, you know, not just on the world, you know, the world around us, but also the technology around us too. 4:22 That's eroding fast. 4:23 So when anyone can generate passable summary in 30 seconds, you know, I know things, it's not as defensible as it used to be. 4:31 So that new edge really is. 4:34 And this is something we continue to hear that interpretation, that translation, that organizational context that's unique to what, to what the analyst or the operator might know. 4:44 And that that means making, you know, what's available to everyone means something specific for, you know, this organization, this decision, this moment. 4:54 That identity shift is something I do see, you know, a lot in practitioners now. 4:58 And the ones that are kind of pulling ahead are the ones that are really thinking about themselves more as advisors versus gatekeepers of information. 5:05 And that's definitely not a small adjustment from from the practitioner side. 5:11 So Rachel, your survey capture is, you know how CS OS are experiencing this pressure right now from their lens. 5:19 Would love to hear how your data, what your data shows about the demand for intelligence now from their intelligence teams. 5:26 How is this changing across the business and how are they actually building and hiring for this new environment?

05:33–11:43 — Rising demand for intelligence across the business

Rachel Briggs explains how CSOs are seeing greater demand for intelligence, what that means for hiring, and why the differentiator is shifting from access to information toward interpretation, impact, and advisory skills. 5:33 Yeah, thank you. 5:35 You know, the, the question to ask really, and I will tell you a bit about what I know, a bit about what I don't know. 5:43 And I'm not an Intel analyst. 5:45 So I'm, I'm coming at this question from maybe a slightly different perspective than some folks on the call. 5:51 And it's a it's, that's why it's important. 5:54 I think you and I are having a conversation about this because it's about putting those two sort of lenses on top of one another to then get a really rounded picture. 6:02 So that's why I'm so grateful here. 6:04 I guess let me just start by sort of some of what I'm some of what I heard last year, some of what I continue to hear in conversations and then some of what I see when I kind of dip into the the data, which I haven't yet analysed properly. 6:17 But to state the obvious, I mean, there is a growing demand for Intel from different parts of the business. 6:26 You know, we now have leadership at the top of businesses who are as alive as maybe those of us in our community are to some of the issues that are sort of bread and butter to us. 6:35 I mean, you've only got to look at the front page of the Wall Street Journal, the Financial Times or the New York Times on any date of the year. 6:43 And our issues are their issues. 6:45 And that's good news. 6:46 And it's bad news. 6:47 And it's, it means different things for for Intel analysts, obviously, but there's definitely an increased demand for the type of stuff that we in our community do. 6:57 And what I also see married to that, perhaps unsurprisingly, is increased investment by CS OS in the Intel function. 7:05 It looks different in different places and that you, Melissa would have a closer view on this than I do many on the calls would. 7:11 But certainly what I see is different ways of meeting that demand, whether it's an entirely outsourced model of Intel or entirely insourced, depending on which vendors you're using, which information sources, how mature your Intel shop is, how mature the business is to to receive that information. 7:28 So it's it's a sort of a mixed picture. 7:30 Obviously I do you know, one of the things that you know, we're going to talk a lot about how do we make the product, the service, the offering of the Intel team as as tailored as it possibly can be to the business. 7:44 And I guess one of the things that has to be prefaced right up front is you use the word gatekeeping earlier is, is the danger of CS OS gatekeeping to the rest of the business. 7:53 So we'll, we'll maybe kind of come back to that at various points during the conversation. 7:57 Because I think if on the one hand, we're saying to Intel analysts, you've got to understand your customer, you've got to tailor what you do. 8:04 If a leadership within the corporate security function is going, that's my relationship. 8:09 You know, don't go anywhere near the head of supply chain or the head of our Asia PAC business or, or whatever. 8:16 That's a problem for that issue of, of tailoring and, and really getting stuff to be bespoke. 8:22 So I just think it's, it's very, it's worth kind of prefacing and, and understanding that in terms of hiring the right people. 8:29 It's a really interesting dilemma that you, that you paint and I think it, you know, I'll cast ahead to what this might mean going forward because I, I think maybe that would kind of be some pose some interesting challenges for the community. 8:43 Because if you're right, that actually the, the key differentiator for Intel professionals now is not what do you know and who do you know? 8:51 It's not to say it's not important anymore, of course, but it's more how can you tell us what we should do or how can you advise us? 8:59 How can you help be part of the solution to our problems? 9:03 Then it could mean some quite different things in terms of skill set. 9:07 It could mean that, you know, if you think about the sort of the life, the the sort of the, the value chain of the Intel profession, you know, less emphasis on the getting hold of stuff and processing and more emphasis maybe on spotting trends, understanding impact and communicating in a way that the business can really understand and do something weird. 9:36 So I think that kind of that skills arc. 9:40 I think Intel, good Intel professionals have always needed all of the above, but maybe we've concentrated more on one end of the spectrum in our hiring practices. 9:48 Where do Intel professionals come from? 9:50 Who do they know, what's their network, etcetera. 9:53 And maybe we either need to recruit for and or train for some of that wider set of skills around kind of effective understanding of of different perspectives in the business and then different types of communication to really hit business need. 10:10 You know, you had pointed out, you sort of look at any headline and you can see how the impact of the geopolitical landscape now. 10:20 I think it was absolutely fascinating in the last two weeks how the singular Anthropic job ad for a geopolitical Intel analyst got such traction beyond, you know, LinkedIn. 10:33 Obviously, I'm sure they have piles of applicants as well. 10:36 But the fact that that in and of itself was a talking point for people outside of outer space. 10:43 I think it's really telling to just how significant, you know, this this really is. 10:47 And if, you know, a company that's perceived as sort of leading on their front, like Anthropic is, is leading in that direction. 10:53 And that really speaks to, you know, what's happening in the the wider industry. 10:58 It does. 10:58 And it means, you know, enormous opportunities for our community. 11:03 Now being able to capitalise on those opportunities is not a given. 11:06 Just because you think you have the right skill set does not mean we'll come on to this probably, but it doesn't it doesn't mean necessarily you're going to be the choice to solve those problems. 11:16 But it does mean that you go into this new. 11:19 Which is kind of as you sort of tired me out your introduction actually, because you know, we are all exhausted. 11:26 We are all kind of reading too much. 11:28 We are all living at a pace that's not sustainable. 11:32 So it does open up opportunities, but it means we've got to be really razor sharp focused and on our on top of our game to make sure we are the solution that that business leaders choose.

11:43–17:10 — Supporting analysts under continuous pressure

The discussion turns to the human side of intelligence work, including how teams supporting high-stress issues can structure peer support, professional help, and leadership modeling. 11:43 I think there is you and I had briefly talked about this and it's a little bit of an aside, but we both felt it kind of important to just quickly address it. 11:52 There is the human dimension, you know, to, to what we talked about here and we both felt strongly about, you know, highlighting that because we do have, you know, analysts, operators that are writing reports from conflict zones. 12:03 They're living real time inside the very situations that they're analyzing in a very different kind of way now than maybe ever before. 12:12 And that's still, you still have teams covering hostilities every single day, you know, on top of that from other places. 12:18 And that sort of question of how you structure place, how you support those people is really a leadership question that I think many organizations are haven't maybe fully reckoned with quite yet. 12:31 But I'm very personally mindful of this, you know, teams living and working within this kind of environment. 12:36 And you and I had talked briefly about how, you know, you've supported people in similar situations like this and and what this kind of continuous pressure can mean for those people doing this kind of work. 12:48 Maybe just if you can briefly touch on that and what you think, you know, CS, OS and leaders should be thinking about with respect to that. 12:54 Yeah. 12:54 And I'll just give a bit of context because there may be many people on the the line who understandably don't know about my career history. 13:00 But one of the things I had the great privilege of doing for about 15 years was running two organizations that called Hostage International and Hostage US, which is what brought me to the US for a few years. 13:12 And, and these were non profits that supported hostages and their families during and after kidnappings and arbitrary detentions. 13:21 And so I was directly volunteer, I was running the organisations, but I was directly volunteering to help family members going through this. 13:30 I was then directly volunteering to help hostages who had returned from captivity and as you can imagine, quite a long road to, to recovery. 13:38 And I was managing a team of volunteers. 13:41 And lastly, a colleague of mine was managing that team of volunteers who were doing that really important but very difficult and and sometimes quite draining work of helping people who are in crisis and, and are in need. 13:54 And it taught me a lot, taught me a lot about myself. 13:56 Actually, it taught me a lot about what it is to do a really important job professionally in a way that enables you to continue to not just survive, but thrive as a, as a human being. 14:11 And, and both of those are equally important. 14:15 And you know, I, I have to say, I was didn't necessarily model the kind of behaviour that I was asking my team to, to, you know, take care of yourself and take breaks. 14:27 And I was probably the worst at modelling that kind of behaviour, which I recognised. 14:32 But you know, we, we sort of, we had to get in place a program with the board's absolute full support into as well as they including them putting financial money behind this, which for a non profit board is always, always very careful with the money. 14:47 But you know, they recognised how critical this was, which was a very big tick in terms of their leadership. 14:52 But you know, it, it was about sort of a number of different things. 14:55 First, it was about as each as individuals taking care of of ourselves, so making sure that we did continue to do those things in our lives, which gave us meaning, which gave us release, etcetera. 15:07 It was also about having quite a structured peer support system. 15:10 It's wonderful when your colleagues go, hey Melissa, how you doing? 15:14 But and that's great and it's lovely that we all hear that from our colleagues and I know this is the kind of community where we do, but we had quite a formal peer peer support structures in place. 15:24 We used something in the UK called Trim, which is a, is a form of sort of a very formal way of looking out for one another and it's structured and we had professional support. 15:35 So if anybody ever said I need some professional support, no questions asked, they, they, they got it because it was so desperately important to us. 15:44 And then that, that sort of leadership modelling behaviour. 15:47 And so it, it was not something that took a lot of designing. 15:51 It wasn't something that cost a lot to do, but the act of having it in a very structured way meant that everybody kind of had to opt out rather than opt in. 16:02 And it was very much expected that you do have to look after yourself. 16:08 And we expect you to look after yourself. 16:09 Because I think one of the most insidious things is when you're in that kind of position is that you think, well, it's not me that's been a hostage. 16:17 So who am I to complain? 16:19 Or, you know, it's not me who's living in a war zone right now, but I'm writing about it. 16:23 And, and that actually can exacerbate the impact of trauma on you, your inability to recognise what you're going through. 16:32 So I, I have great sympathy for, for the Intel community doing a difficult job in a time when it is relentless. 16:41 And I think more CSO should have those kind of structured programs in place. 16:46 It's a non negotiable as far as I'm concerned for the whole team, not just the Intel, but don't forget the Intel team. 16:52 I think you said it quite well. 16:55 It's not, it's not necessarily your personal resilience, a personal resilience problem. 17:00 It's really a structural, you know, kind of situation to to think about here. 17:06 So, yeah, thank, thank you for the perspective on that.

17:10–29:28 — Turning intelligence into organizational impact

Melissa and Rachel discuss how intelligence can support supply chain, cybersecurity, government affairs, community relations, and other business functions through deliberate relationship-building and two-way communication. 17:10 And we, we already mentioned this, but I, I think it's one of the more significant parts of this discussion. 17:19 The idea of the demand surface for Intel has never been larger, as evidenced by a singular job ad getting such global attention in in the way it has. 17:32 You know, boards want geopolitical briefings. 17:35 They supply chain wants to understand their vulnerabilities and, and visibility ahead of sourcing decisions. 17:43 There's so many parts of the business that are all happening simultaneously. 17:48 Often, you know, in organizations that are also shrinking headcount, they're being asked to do more with less. 17:55 What what I'm seeing in some of the most, you know, effective teams right now is really like a deliberate expansion of their remit. 18:02 And not because they were necessarily asked to, but because they recognize the demand was there and they were positioned to serve it. 18:09 And so, you know, they, they went and did the fact finding and the relationship building and they did. 18:14 And, and you know, that means security and intelligence sort of stepping more into informing a supply chain decision or a protective Intel team feeding into a com strategy. 18:25 And that's maybe not the norm, but is increasingly becoming. 18:29 So, you know, so it used to be a sort of a siloed function is becoming like connective tissue between and across the business in different kind of ways. 18:38 But that really only works if the Intel and security teams are actually reaching parts of the business and then also getting that information back in return. 18:48 And I think that's where, you know, the gap kind of becomes pretty visible. 18:51 So the survey has some really striking data on some of those unserved areas and organizational gaps that explain, you know, where Intel isn't connecting into parts of the business that need it most to be that company asset as you've described. 19:09 And so maybe you can walk us through, you know, what you found from that perspective. 19:13 And then I love the data point that that we had talked about, you know, Intel needing the flow back into the like into the business and then also back into Intel. 19:25 You know, it's a it's a two way flow to really make that company asset successful. 19:30 Yeah, exactly. 19:31 Yeah. 19:31 Wow, big, big questions. 19:33 I mean, the, the sort of, let me start with, with the question about where else Intel can serve. 19:40 And I would say I'm open to being challenged on this, but I think our data shows us that the most common place that Intel serves is the corporate security function itself. 19:50 So it's a sort of, it's the home team, right. 19:54 We've got some questions coming this year about where else it serves in, in the business. 19:58 I'm, I'm excited to share that in a few months time. 20:01 But as you say, the potential is is really quite significant. 20:06 To serve other parts of of the business, you mentioned one I would definitely point to which is supply chain. 20:12 You know, the, the data on I, I spend a lot of my time actually looking at business data as opposed to security data and understanding how is business changing and what, what kind of how are business leaders thinking about risk and how are they changing their businesses and et cetera, et cetera. 20:26 And, you know, some of the, you know, this, this very, very stark data about the, some of the wholesale changes that businesses are taking or are considering taking around, for example, supply chain, which is hardly surprising given some of the stuff that is happening in certain parts of the world, which is blocking supply chain. 20:46 And I'm not just talking about what has been happening over the last few weeks, which has blocked obviously one of the most important waterways in the world. 20:54 But it that that those are patterns that have been, you know, certainly on the agenda for for for many years. 21:01 And you know, it's worth keeping an eye on what those business trends are and asking yourself as a community, how could we serve to that need? 21:10 And I think I don't, I don't see enough, I don't pretend to be in the weeds on this, but I don't see enough connectivity between Intel teams and supply chain, for example, where there are just huge obvious areas of connectivity. 21:24 Now the devil is in the detail and you do have to get into the weeds and say, well, how does our supply chain work and what are the exact opportunities to input information and and and so on and so forth. 21:34 So how the mechanics of how you actually do that in practice can be tailored to, to your own business need. 21:40 But if there, if there were ever a time for an Intel team to be asking itself, could we do anything to help our supply chain colleagues? 21:47 I think I've never seen one as as acute as as, as right now. 21:50 So I'm, I'm sure my information is somewhat out of date because I'm sure events over the last several months have kind of probably forced some of those conversations even where they weren't existing already. 22:02 The other, the other that I would encourage folks to explore and I've talked about this before is, is around cybersecurity. 22:10 Because from my experience, there are, there are kind of both functions have their own kind of what they would call Intel functions, but actually they look and feel incredibly different. 22:21 And where the equivalent within the cyber team is sort of a lot more technical and a lot more detail oriented. 22:28 The corporate security equivalent is much more big picture. 22:32 It's looking at longer term trends, it's thinking about how the world's changing and so on and so forth. 22:35 And they are they are exaggerated versions because both are doing much more than that. 22:43 But actually they're highly complementary kind of skill sets and perspectives. 22:46 And actually the organisations that clients of mine that I work with who not necessarily have converged teams, although it's sort of more acute in those teams, but where the physical and the cybersecurity teams have managed to get some kind of connectivity help to to a greater or lesser extent. 23:04 Find that actually the Intel piece is one of those bits of you use the term connective tissue where actually you put those two capabilities together. 23:15 That's pretty special. 23:16 And if you think about the challenges that are there on the cyber side of things around digital networks staying up, you know, so many organizations that I know were sort of absolutely paranoid about systems going down. 23:32 They are all exercising like crazy for you know, what if we lose everything, you know, what must we, we have a, a sort of a digital twin of etcetera, etcetera. 23:43 There again is one of business's most critical obsessions right now and an opportunity for I think corporate security Intel professionals not to come in and say we have all of the answers to that. 23:57 But I think to say actually we can complement very nicely the expertise that you've got to really add some, some rich depth to to that exercise. 24:06 So I would, I mean, I could, I could go on. 24:09 I mean, for instance, you know, some really interesting stuff I think to be done, you know, in terms of relationships with like government affairs colleagues, community relations colleagues. 24:19 As you know, the threat from sort of social and political unrest increases. 24:24 I've seen some companies that do some really, really interesting collaborations between their community relations teams and the Intel shop within their corporate security function. 24:34 And once they understand one another, which can take a little bit of working through, they go, Oh my goodness, I had no idea. 24:40 We've got this expertise in the business. 24:42 This is fantastic. 24:43 We now don't think we can do what we do without you. 24:45 So get out there, explore, ask questions, demonstrate. 24:50 And it's there are so many opportunities. 24:52 I couldn't possibly list them all right now. 24:55 It's really cybersecurity almost seems like a like, you know, the convergence, which is like one of the, you know, those hot button words that erase has convergence of physical security and cyber security together and and conferences called convergence. 25:10 But actually is just one sort of microcosm of really what a physical security and Intel team could do across multiple parts of the business, kind of a model for things you can do with other teams and ways to support other teams, you know, in a more impactful way. 25:26 I think. 25:27 And I really love the idea of being able to get that, you know, feedback into an Intel team and then being able to tailor and kind of customize what you're doing in an even greater way. 25:39 And then to your point, you're sort of invited to the table and you're at the table with the decision maker is in a way that's different instead of just, you know, producing intelligence and it sits in an inbox And you're not quite sure what that means or where it's gone. 25:54 But you get so embedded deeply into the business that the business feeds you what you need to serve it well. 25:59 And then you actually have a seat at that table at the end of the day to be proactively like helping make decisions and, and, and drive outcomes. 26:08 Yeah. 26:08 And I, I'll say a little bit more about that actually, because, you know, I, I, the really important point to make is to not wait to be invited, which I'm sure nobody on this call is doing, but it's such a basic point and it's so important. 26:22 I was chatting last week to somebody who's the EMEA lead for a large multinational who's not long into the role actually. 26:32 And, you know, she has taken a really, really, really super proactive approach to building relationships, including she, she mentioned to me with the head of supply chain and she said that, you know, three weeks before the, the, the conflict with Iran started, you know, she was desperately trying to get this relationship and up and running. 26:57 And then of course, 3 weeks later, it was so self-evident to the head of supply chain that this was going to be one of her, that person's most critical relationships going forward, you know, but that she wouldn't have been anywhere near helping supply chain if she hadn't have just gotten out into the business, taken the initiative, thought to herself, right, I'm OK, I've understood the business. 27:18 I can understand supply chain is critical. 27:20 I understand I've got something to give. 27:22 So I'm just going to keep knocking on that door and knocking on that door and I'm getting a blank face from the head of supply chain. 27:28 But there will be a moment when that person kind of says, thank goodness you knocked on my door. 27:33 Now can we do some business? 27:34 Which is exactly what? 27:36 So I think, I think, you know, doing that, you know, really taking the time to learn the business in the way that you take the time to learn your region or learn your country or learn the activist group you're covering or the terrorist network you're covering. 27:50 You know, really understand it. 27:51 You know, read the annual reports, get on the investor calls, you know, be at all those town hall meetings, etcetera, because that is your business and you know, there's a certain amount you can absorb without having to get into the room. 28:05 And so you should absolutely do that and and become obsessed with really understanding the business that you're that you're there to to serve. 28:13 And then I think the, the final thing I would say on it, and you've, you've used that kind of term sort of two way a number of times, which I think is a really critical, I think reset for, I think for all of us actually, whatever our role when we're producing stuff. 28:30 And I, you know, one of the things I'm increasingly advising corporate security leaders on is about the importance of having a sort of a strategic communications plan. 28:40 And I think Intel analysts need to have something similar as well, which is who are my key interlocutors in the business. 28:49 And a strategic communications plan isn't about broadcasting. 28:53 It is about two way, because for it to be strategic, you have to have understood who those people are and you have to have some channel from them back to you as well to keep learning. 29:04 I mean, that's just the inherent nature of a strategic comms plan versus a, a broadcast comms plan. 29:10 So I think, you know, having having that kind of in place and, and really being very intentional about that, I think is a prelude to then some of the conversation I'm sure we'll have about what products, in what way and what language and how long and all that. 29:26 But that it all starts with it all starts with that.

29:28–38:07 — Designing intelligence products for decision-makers

The speakers explore how to build products backward from the decision that needs to be made, reduce cognitive load, and use storytelling to make security information memorable and actionable. 29:28 I think let's do that right now. 29:30 Perfect, perfect little segue right into it. 29:34 The, you know, the product design, the communications problems, issues, you know, challenges. 29:40 What does it actually look like to build intelligence products for the decision maker rather than the analyst? 29:46 You know, exactly as you described sort of ingesting your own products, which is fine, but how are you building for that decision maker? 29:53 And I find a lot of times sort of products can be built backwards when you think about that instead. 29:58 So they start with the data in front of the analyst, which makes sense, you know, from like a tradecraft perspective and then you work out or it. 30:03 But actually a better approach might be to start with the decision that needs to be made that what is the decision maker, you know, what decision are they trying to make? 30:12 And then, you know, you work backwards from that to the evidence that actually matters for them to make that that kind of decision. 30:19 And I think that's where we sort of collectively need to design for the cognitive load of our leaders as well. 30:27 So it's one thing, you know, the G sock deciding whether to call the CSO at 2:00 in the morning. 30:33 You know, it doesn't. 30:33 They don't need exhaustive context. 30:35 They just need to know the orientation and you know, what am I, what do I need to do right now? 30:39 And does this cross thresholds and, and that kind of thing. 30:43 But not every stakeholder group needs the same product either. 30:46 And you know, who needs the full analysis versus who needs a recommendation. 30:50 And, you know, being able to map that out as you write as well and, and work to build the right kind of products for the right kind of teams is just as important to, to, you know, to what you're describing. 31:02 So thought it was super interesting what you found from the communications standpoint and it makes perfect sense. 31:07 But I think it's kind of counterintuitive sometimes when you think about Intel and security work and how high storytelling ranked as a competency that CS OS look for on their team. 31:18 So would love for you to talk more about that. 31:21 And then maybe with the ultimate goal of sort of getting to, you know, what you think that tells us about how the business wants to consume Intel. 31:29 Yeah, definitely. 31:31 So one of the data points that we got last year was we asked CS OS, we gave them a choice of of several things. 31:41 So it was kind of limited, but we asked them, you know, aside from budget and not having enough people which everybody always wants more of. 31:47 So we knew that was a given. 31:49 We said which of these things are the biggest obstacles to the effectiveness of your function. 31:54 And by a country mile, the, the most important obstacle was the business doesn't understand security. 32:03 And we can have a discussion about A, whether the business should understand security, B, whether that means, you know what all of that means. 32:12 It could, it could mean lots of different things. 32:14 But I think ultimately depending on how you analyse, I think regardless of how you analyse that and what you think it means, I think what it does mean is that security has got a communications problem and it's either a perceived problem on our behalf, on our part, or it's a real problem in terms of of the business. 32:33 But we've definitely got a communications problem, and I personally argue that it isn't the job. 32:42 This isn't the business's job to understand security. 32:44 It's our job to get them the information they need to make the right decisions and do what they need to do properly. 32:50 So I don't think putting the emphasis on them getting up to speed with us is in any way, shape or form the right, the right way to go about this. 32:59 But, but if you, if you agree with my premise that we have a communications problem, then the then the then the sort of the next question is and how do you overcome that? 33:08 And what I see many, what I think a mistake is that that can sometimes be made is to say, well, we just, we'll need to, we'll need to communicate more what we do, which usually means describing all of the different teams we've got within the corporate security team, all the different processes they engage in. 33:28 And this is what I do for a living. 33:30 And that even turns me off, right? 33:32 And, and I can't follow it. 33:33 And I don't, you know, it's not engaging, even if this is what you do for a, for a living, it's like a shopping list. 33:41 And instead it's, it's harder work. 33:43 But what you need to do instead is to think about communicating from the standpoint of what they need from us. 33:50 And it's there's a kind of a Venn diagram here in its simplest terms, which is what are the assets we've got on one side of the Venn diagram? 33:59 And on the other side of the Venn diagram is what are the problems that the business gives a damn about. 34:04 And ideally, what you find in the middle of the Venn diagram is some problems that need to be solved and some assets that we've got to bring to the table to solve them. 34:13 And I, you know, I think our conversation has are hinted towards the fact that I do think we've Intel team is one of those prime assets right now that can solve a really critical set of problems for the business. 34:24 And then the question is how? 34:25 And you know, the thing that is so compelling about storytelling, which in of itself is sort of people think you're kind of it's kumbaya and it's about, you know, sitting around campfires and, and all that good stuff and sort of maybe being a bit self indulgent and maybe telling old war stories. 34:41 It's not any of that. 34:43 It's about a structure that is emotionally engaging that when you kind of tell tell somebody about something that happened it by stringing together the core components in a very particular structure that is aimed at impact, emotional connection and a sort of a leaning in with a desire to then understand what the conclusion is and what I have to do about it. 35:10 That's why storytelling is compelling because you know, nobody is after you've kind of presented your PowerPoint on, you know, whatever it might be, nobody is then going to tell anybody about what was in Melissa's PowerPoint. 35:23 But if Melissa tells a really compelling story about, let me tell you about, you know, what one of our team told us who's based in UAE at the moment, suddenly you've got an audience that is listening, is engaged, cares, feels like they have skin in the game as well. 35:41 And is is much more likely to remember that and to think about it, reflect it, and then go pass it on to somebody else. 35:47 And so it takes a bit of effort and obviously you've got to you've got to learn this particular skill set and the structure to use. 35:54 We run the storytelling workshops. 35:57 I'm not not selling them, I'm just saying lots of people run them. 35:59 But what we say, what we see when we put security professionals through this and we've had Intel professionals, is that actually it's quite a relief to get a structure. 36:09 And I, I kid you not, you see people around the table suddenly listening to one another better, being more interested in what one another has to say. 36:19 And that's people who are on the same team together who suddenly understand what they call it one. 36:22 Now, if it takes that to understand what your colleagues are doing, imagine how difficult it is to to try and communicate with people who have nothing to do with security. 36:31 And perhaps one of the greatest endorsements was somebody who'd been through our course last year at some point, kind of almost ran across a, a sort of a conference room to me a few months ago and said our stories are coming back to us now. 36:47 Isn't that a, a sign of success? 36:50 Because I can guarantee none of his PowerPoints were coming back to him, but because they now had stories, they were doing the rounds. 36:58 And when other people start telling your stories back to you, you know that you've been successful. 37:03 So I think it's a, there are all sorts of different communications methods that you can adopt which are far more effective than I think some of the ones that we most commonly use. 37:14 So I pick on storytelling. 37:15 It's not the only one, but I think as a community, and particularly as Intel professionals, we are, we've got the most compelling stories to tell. 37:25 And, you know, replacing tons of analysis and text, maybe with the right story for the right executive will be the thing that convinces them that they should trust you, wants to come back to you next time and actually maybe changes their decision as a as a result of it. 37:44 Because the the reality is executives have got, you know, seconds, minutes, they've definitely not got hours to make decisions. 37:50 And so getting in quick with a cautionary tale, something that really neatly summarizes the complexity of the situation, but in a really simple way, I think is is a huge elevator for for what? 38:04 For what the Intel community does.

38:07–45:23 — Practical moves for intelligence and security teams

The webinar closes with concrete recommendations: map internal customers, build two-way relationships, measure outcomes, ruthlessly prioritize, use personas, and stop doing work that does not drive decisions. 38:07 We were very ambitious in thinking we would get to talk about AI. 38:10 So I think we'll just abandoned that because I think this is a good transition point to give some more practical like practical advice in terms of I love the storytelling piece and I think that makes so much logical sense. 38:24 So I think good time to bring it back to a practical place. 38:28 Since we do only have a few minutes left somehow already. 38:31 I'll I'll do a few things kind of from my side, from that sort of practitioner lens before I hand it to you, Rachel, to do the same from from your side. 38:39 What? 38:40 So what are ultimately some truly like realistic things that Intel and security teams can do to sort of maximize the impact of what you know, their, their Intel, where how their Intel is presented and, you know, reaching the right kind of people. 38:54 I loved and it was the first thing on top of my list is to map out who your actual customer customers are inside the business. 39:01 I think that makes a ton of sense to do that stakeholder mapping. 39:04 And I would bet a lot of maybe CS OS are doing it, but I would, I would really bet a lot of Intel teams and security teams are not doing it themselves. 39:13 I think that audit alone will tell you more about the gap than sort of anything. 39:18 The 2nd, and we kind of already said this too, but definitely build that two-way relationship deliberately and do that relationship building, which I think isn't always something we focus on as Intel professionals. 39:30 But it is so crucial that you, you can't really wait for them, you know, to offer it. 39:35 You have to go out and proactively sort of seek that relationship. 39:39 And as you said, exactly stop waiting to be invited in necessarily. 39:43 And the last one I would kind of point out is to measure your impact as if you can. 39:49 I know that that often is hard and not necessarily the output. 39:52 So you know, you're, you're giving lots of things to lots of people and that's the metric versus, you know, what, what is the outcome and what kind of decisions have I informed? 40:04 Has someone come back around and told me that story? 40:06 You know, that's kind of an out. 40:07 That's kind of an outcome in and of itself. 40:09 If if that information is, you know, getting around to the right people in the business in the right kind of way, that can be potentially an outcome. 40:16 And the last one I'd leave before I turn over to Rachel is to ruthlessly prioritize what you're doing as an Intel team. 40:23 So iterate quickly. 40:24 You know, most intelligence teams are already stretched. 40:27 So you're adding now proactive relationship building business, calibrated products, two-way sort of data work and understanding. 40:36 So you really do have to go and cut out the things that are not hitting and not working for you in ways to prioritize the things that are. 40:44 And I'll turn it over to you now, Rachel. 40:47 Yeah, Gosh, I mean, you've covered some of the most important things and you know, on that stakeholder mapping, I don't think most corporate security departments are doing this. 40:55 Most leaders are not doing this. 40:57 So I think, you know, maybe some of our Intel colleagues could lead the way in that. 41:02 It's, it's about understanding who those individuals are, maybe creating personas for different groups within the business. 41:08 And each persona will tell you kind of what what does this personal group do? 41:13 How do they best consume information? 41:15 What questions would they be asking you if you were in front of them? 41:19 Not what information could you give them, but how would they phrase those questions? 41:24 One of the things that I do with clients is, is kind of conduct, what we call business needs analysis. 41:30 I mean adopt that kind of idea where you go out and you have incredibly eliminating you sit down and you say what do you think we do? 41:38 What are the problems that are vexing you right now? 41:40 And if I was going to help you solve that problem, what would be the best way for me to do that? 41:45 And people will tell you exactly. 41:48 And if you can't get to the decision maker, get to somebody that reports to the decision maker. 41:52 Yeah, there is always there is always a way. 41:54 So I think there's that. 41:55 Don't, I mean, don't one of the most basic things is don't assume that the business knows what you do or even that you're there. 42:02 I I tell, I've told this story a million times, but I was giving AI was running a one-day workshop for a client FTSE 50 company. 42:09 Huge security was so critical that the CFO was in the room all day. 42:15 And at one point he put his hand up and said, Rachel, I understand why the board is interested in geopolitics, but why is my security team interested in geopolitics? 42:23 And of course, all of our jaws hit the ground. 42:26 But I'm so glad he asked the question. 42:28 And it was a really good reminder that this is what we're all obsessed with and we do it all day every day. 42:34 But you know, he and the board up until that point in time didn't even think that their team had that capability. 42:43 And they soon then did realize and the relationship changed. 42:46 So don't assume that. 42:47 So shout about what it is you do. 42:49 Don't wait to be invited in and just think really, I love the fact that you picked on being really ruthless about a what to stop doing because we didn't talk about AI. 43:00 But of course, the big elephant in the room is AI. 43:03 And there's lots of all of our jobs that we don't need to necessarily do anymore. 43:08 We can automate to get to the juicier bits. 43:11 And actually it's the juicier bits that the business really interested in where Intel's concerned. 43:15 So think ruthlessly about what you can cut out. 43:18 Don't have assumptions about, well, this is how I've always done my job and this is so precious. 43:23 I must continue doing it because the quicker you can get to the real kind of hard edged bit, the better. 43:31 And really just be sort of hard on yourself and say, am I really, you know, is this really the question they want answered? 43:39 Is this really the best way to do it and make sure you're coordinated with one another? 43:43 Because I'll, I'll leave you, I'll leave this example was a CSO who I know really well said that she realised that her Intel shop had a problem when something had happened in a country. 43:53 It doesn't matter where, it doesn't matter when. 43:55 And within a few hours, 15 different Intel reports had been blasted out to various different people. 44:04 And, and you know, that's an extreme example. 44:07 I'm sure even the most organized Intel groups have got sort of a much minor version of that. 44:13 But just, you know, people are busy enough they, they certainly don't need 15 versions of, of the same message from you because you're disorganized. 44:21 So I'm sure that doesn't apply to anyone on this call, but I thought that was quite funny. 44:26 Yeah, Yeah. 44:27 That's that. 44:28 It's an interesting twist on ruthlessly prioritizing now to say, you know, stop doing some things. 44:34 But then the second piece of it is, do you still need to do it? 44:37 And can you outsource it to a tool or to AI some way to automate it for you? 44:42 It, I mean, it's a fascinating dynamic right now on that front. 44:48 We are at the end of our time. 44:50 Thank you so much, Rachel, for your time and your insights that you can, I highly recommend going and reviewing the 2025 survey and, and looking at what's to come for this year. 45:01 If you haven't already. 45:02 I love to read it. 45:04 And if you are, you know, CSO security, security leader, please go take the survey. 45:10 It is open until Thursday I believe the link is in the chat, so please go do that. 45:15 The more data the better. 45:17 And thank you so much again Rachel for joining. 45:21 Thank you for having me. 45:23 Thanks everybody, have a great rest of your day.