A key part of growing your IT contracting business is effectively marketing your services to connect new clients with appropriate IT solutions. Sometimes that means knowing which "buzzwords" to use. Let's talk about a new phrase making its way around the IT world: threat intelligence.
What IT Consultants Need to Know about Threat Intelligence
Let's start with the basics: what is threat intelligence? It sounds like a clandestine operation the CIA performs. And that's not a bad comparison.
Threat intelligence is gathering information about the kinds of cyber attacks that target your clients and building a counter-strategy based on this evidence. For large organizations that are targeted constantly by advanced attacks, InfoSec personnel build strategies to thwart these attacks day in and day out.
And Computer World reports threat intelligence is spreading to the small business market as well.
Threat intelligence can include…
- Prioritizing your patches and updates to fix the biggest vulnerabilities first.
- Collecting data on the types of attacks targeting your clients.
- Knowing what vulnerabilities target businesses.
- Staying up to date on new exploits and trends in cyber attacks.
- Analyzing your client's attack surface and vectors and trying to minimize them.
- Sharing information with other businesses in your industry.
- Communicating with board members to build an overall IT strategy that prevents exploits, minimizes damage, and responds to security breaches quickly.
In other words, when people say "threat intelligence," it can mean a wide array of IT strategies. Basically, it boils down to knowing more about what threats are out there and building a better strategy to counter them.
Why Security Work Can Be Profitable for IT Consultants
IT contractors and freelancers might have to answer more questions from clients about security. As we reported in "More Proof that People Want to Pay You to Keep Their Data Safe," InfoSec is a hot topic, and clients may start spending more on security. That's good news for the enterprising IT professional.
Not only are opportunities increasing, but they can pay well, too. As Dice reports in its 2015 Tech Salary Survey [PDF], average salaries for security analysts jumped 7.5 percent in the last year. A shortage in security professionals has left these skills in high demand.
But before you rush into security, let's talk about the risk management side of things.
IT Insurance for Contractors: You Can Be Covered for Security Work
As with any area of IT, there's always the risk that a client could sue you if they have a problem with your security work, threat intelligence, or coding. Even if you're not to blame, you could wind up flooded with legal bills.
IT contractors often cover this risk by investing in business insurance – IT Errors and Omissions Insurance – which may cover the cost of client lawsuits by paying for:
- Legal fees.
- Damages you may owe clients.
Your clients may have high expectations for their security, so it's smart to be prepared if something goes wrong. Re-examine your risk management strategy and make sure you have a plan to cover the cost of a lawsuit. That way, you can be ready when opportunity knocks.