Blog
Do Your Job — The Intricacies of Hiring a Director of Threat Intelligence
Whether you like the Patriots or not, many sports fans can agree that Bill Belichick knows how to run a team. His phrase ‘Do your job’ is simple yet all encompassing when it comes to each player’s ownership and accountability. So when we think about Directors of Threat Intelligence, what makes them the right candidate to get the job done?
By Chris Camacho
Whether you like the Patriots or not, many sports fans can agree that Bill Belichick knows how to run a team. His phrase ‘Do your job’ is simple yet all encompassing when it comes to each player’s ownership and accountability. So when we think about Directors of Threat Intelligence, what makes them the right candidate to get the job done?
If you’ve hired or are planning to hire a Director of Threat intelligence, it quickly becomes apparent that hiring the right person is a challenge. With the threat landscape changing so rapidly, you truly need a ‘Jill’ or ‘Jack’ of all trades. Forrester’s Brian Kime recently wrote a report around the role, expectations, and tips for hiring an effective Director of Threat Intelligence. Here are my four key takeaways to consider when hiring for this role:
Useful, Holistic Intelligence
Intelligence should be prioritized by what is useful and what your company’s key goals are. Does your company want to protect critical IP? Do they want to ensure the stock price remains high? Do you want to ensure bottom line profits are a focus? All of these tie back to profitability, but all of these can be impacted by various threats like fraud, network security concerns, or insider threats, to name a few. This means the Director of Threat Intelligence must understand the business needs and be well versed in all aspects of and related to threat intelligence.
Communication is Critical
Since this role deals with high stakes, high pressure situations, this individual must be able to communicate effectively. This role is often leadership facing, and the stakeholders within that team are not as technologically savvy as the threat intelligence team. However, being able to translate the technical aspects of threat intelligence to a business’s bottom line is crucial. Making threat intelligence easy to digest in the context of the business as a whole will ensure that the value of the program is understood and appreciated.
Leadership Skills are a Must
In my experience, Directors of Threat Intelligence are often a first hire for an intelligence program. This means he/she is often tasked with building out a team and processes from the ground up. This cannot be done effectively without leadership skills. Prior experience in building teams and management will set up this individual for success to establish the appropriate processes, hire the right people, and acquire the right tools necessary for your organization. In a best case scenario, Kime points out, this leader will have a team ready to join him/her on their next mission, making ramping up your threat intelligence team exponentially less difficult.
Focus on Solutions, Not Problems
It is incredibly easy to come to a stakeholder with problems. What is more challenging, and valuable, is being able to bring solutions to the table. A Director of Threat Intelligence must be agile and think ahead to ensure an issue has a solution before it becomes a true problem for the organization. In many cases, this person will be the foremost expert on these challenges, so having this mindset will make him/her most effective in achieving the goals of the program.
If you are interested in hearing more around this topic and considerations for evolving your risk intelligence program, please join the Security Week Intelligence Summit on July 23. Mike Smola and I will do a fireside chat around his experience in building a team, communicating cross-functionally, managing stakeholder expectations, and proving threat intelligence program value internally.