Bridging the Gap Between Strategic and Tactical Intelligence
Observations from the 2025 GSX Annual Conference
Sam Lichtenstein, Director of Analysis, RANE
DOWNLOAD THE PRESENTATION SLIDES
Last week I had the opportunity to attend and present at the annual Global Security Exchange (GSX) “First Line of Defense” held in New Orleans. This is the largest gathering of security professionals and a great opportunity to take the pulse on issues top of mind across the industry. I put together some of the key takeaways for those who may have missed the event this year.
What struck me most was the ongoing gap between tactical and strategic intelligence. On the one side, there are the large macro trends and guidance on how to get ahead of them, while on the other side are the practical implications of discrete security incidents. Security professionals often find themselves pulled into the tactical to address the immediate requirements of the day, but at the expense of missing the larger trends along the horizon. This divide was also reflected in the speaking sessions, many of which were focused on the tactical with little discussion on how those relate to the larger trends and how organizations can anticipate and plan for potential scenarios that are likely to impact them.
Vendors in the showcase area also reflected this tactical approach. RANE stands out with a focus on both the tactical and strategic, with a range of forecasting tools to help security professionals set the larger stage on how those meta-trends can impact their day-to-day workflow. We firmly believe that you cannot merely look at one or the other but need to understand how they intersect.
A second key takeaway for me was that attendees are overwhelmed with the number of countries and regions they need to cover, typically with a small staff dedicated to managing risk and uncovering opportunities. I spoke with one attendee in a strategic intelligence role at a large technology company. He and his small team need to evaluate and communicate internally the strategic risks associated with 30 countries in which they operate (plus broader global issues). His remit has recently expanded significantly but without additional internal resources, so he is trying to figure out how to become more efficient in the context of geopolitical risk.
Here’s where partners like RANE can act as a force multiplier and an extension of their team, providing insights into the implications of risks for their business and where those risks are likely to head over time. Even more importantly, guiding them on what risks they need to and don’t need to worry about.
Finally, I presented on the geopolitical drivers of insider threats. This is hardly a new threat, but one where organizations face a widening risk aperture. Numerous data points indicate that the frequency, cost and complexity of incidents are all rising as physical, cyber and a combination of the two threat categories converge. Also contributing to this increase is a widening range of external threat actors – from cybercrime groups, nation-state actors, hacktivists and protest groups, among others – and, in turn, a proliferation of motives propelling insider threats to expand.
Unfortunately, more complexity is likely, driven by a variety of factors like a convergence among these threat actors, rising capabilities of smaller nation-states, potential future shocks like a China-Taiwan crisis, and technological shifts like AI, blockchain, and quantum computing. Fortunately, RANE is already supporting leading security professionals with intelligence and tools to help them anticipate, monitor, and respond to these threats so they can help their business partners minimize risks while pursuing growth opportunities.
You can download my presentation slides below and read more about my realistic mitigation ideas to address this risk or contact me at sam.lichtenstein@ranenetwork.com.
