Both demand a foundation of cloud-based monitoring and analysis technologies, an interoperable information-sharing strategy and platform, and carefully tailored processes. To get there, businesses will need in-house or external expertise in four key areas: • Ingesting and surfacing meaningful, validated intelligence in real time. • Assessing the organizational impact of that intelligence. • Identifying actions to mitigate threats. • Taking prompt technical, legal and operational action. These four distinct skill sets require no small sum of technical expertise and resources. As such, organizations will need deep cybersecurity expertise as well as a multidisciplinary team that includes stakeholders from IT, legal counsel, risk, privacy and business units. This team will be responsible for creating custom processes to integrate activities across systems and the enterprise. Threat management requires expertise in four key areas Taking prompt Ingesting and surfacing technical, legal and 01 meaningful, validated operational action intelligence in real time 04 02 Assessing the Identifying actions to 03 organizational impact mitigate threats of that intelligence 3 Key findings from The Global State of Information Security® Survey 2017 © 2016 PwC