More than10 years ago, I was deployed to Iraq as a U.S. Air Force intelligence analyst, assigned to the Joint Special Operations Command (JSOC) Task Force with one clear objective: disrupt terrorist activities by targeting and capturing al-Qaeda insurgents. In constant pursuit of dangerous individuals with nefarious intentions, we sought to uncover the identities of enemy forces. Our success in slowing down the enemy was a direct result of obtaining accurate intelligence and positive identification (PID) of our adversaries, despite their best efforts to remain unseen. Today’s cyber attackers are no different; increasingly, more and more intel teams are turning to identity intelligence as cybercriminals continuously attempt to obfuscate their identities as well as the attack vector.
Having been on the frontline of both the physical and virtual battlefields, I have recognized a critical need for a tactical-oriented approach to cybersecurity threats—an approach that focuses on identity-driven intelligence. Implementing such intelligence will help organizations to swiftly assess and disrupt their adversaries and prevent future attacks.