Ivan Milenkovic, Vice President Cyber Risk Technology at Qualys, argues that blending in‑house security insight with the UK’s new Cyber Monitoring Centre breach data is the game‑changer cyber risk teams need to turn quantification into confident boardroom decisions.
When you plan an outing, you might look out of the window to see what the weather is like at that moment. However, you would probably also check a forecast to find out what conditions could be like later on. Combining your own observations with external data helps you make a better, more informed decision.
That same logic should apply in cyber risk management. Yet it can be difficult to find external information that is genuinely practical for forecasting and strategic decision-making. Traditionally, a handful of insurers and a range of ‘trusted industry reports’ have been the main sources of such insight, but the available data has often been too generic to map onto a particular organisation.
Now, a new organisation in the UK, the Cyber Monitoring Centre (CMC), is aiming to bridge this gap. CMC will collect and provide historical breach data, which can be especially valuable for predicting potential risks from emerging cyber threats or threat actor campaigns. For cyber risk and information security professionals, this data could become a robust basis for Cyber Risk Quantification (CRQ).
Even so, simply combining internal and external data does not automatically guarantee great risk management practice. It is crucial to identify business specific parameters, where the gaps are, and how to ensure that your organisation stays in control of its risk surface.
How CMC data could support your security strategy
To understand how CMC data could fit into your approach, think about the benefits of collating independent data on security issues, together with a guide on the severity of those threats. The CMC intends to provide a cyber event categorisation system that helps risk and security teams standardise how they discuss risks with colleagues across the business. By applying a consistent frame of reference, you can explain new threats more clearly and move towards implementing CRQ more seamlessly.
CRQ assigns monetary values to risks by examining their potential financial and operational impact. In practice, this enables security and risk teams to illustrate the scale of a potential problem for the business. With that knowledge, the organisation can make informed decisions on whether to invest in preventative measures (like patching software vulnerabilities or addressing misconfigurations) or to transfer some of the risk through cyber insurance.
Implementing CRQ can be challenging because it calls for an understanding of how likely a particular event is to occur and how severe its consequences could be. In quantitative terms, the annualised loss from an event class is the product of how often it happens and how much each occurrence costs, and both factors carry uncertainty that the model should express as a range rather than a single point. Estimating the probability of an issue and its business impact is never straightforward. Nevertheless, the discipline of CRQ is vital for elevating your organisation’s overall risk management strategy and aiding more nuanced decision-making around cyber and business risk.
Where external data fits in
Most organisations already rely on some form of external threat intelligence to inform their security efforts. These intelligence feeds shed light on newly developed attack techniques and the threat actors behind them, equipping cyber security teams to watch out for relevant indicators of compromise. However, such data tends to be highly technical; it does not usually address the broader implications or potential financial costs associated with those attacks. This is where the CMC could prove especially valuable.
The main challenge with any data is contextualisation. If a breach or threat is not framed in a way that shows why it matters to your business, its significance can be overlooked. By providing consistent, independent data, the CMC aims to help CISOs and security leaders communicate more effectively with business stakeholders. But external data alone will only take you so far.
Improving risk management with comprehensive insights
To get the maximum value from external data, CISOs and security teams must apply it within their specific business environment. This involves examining the systems and business processes that your organisation relies on, how those systems are managed, and how a given vulnerability might affect your operational processes. For example, you could receive an alert about a newly discovered vulnerability in a key system, but if that system is air-gapped and has compensating controls in place, it might pose less risk than a minor vulnerability on an internet-facing service with no additional safeguards. Likewise, if your patching is automated, the window between disclosure and remediation is short, and you will likely face less risk than if you rely on manual patching or on processes that struggle to secure board-level support. The external base rate for an event class stays the same; what changes is how much of that rate actually applies to you.
No matter where you currently stand in terms of risk management maturity, obtaining more accurate and timely data is an essential first step. Internally, this could mean improving visibility across your IT assets and software, engaging with development teams to understand your secure software development lifecycle, or working closely with compliance and finance teams that each hold different perspectives on risk. Externally, data from the CMC and other reliable sources helps you see the broader threat landscape and compare your risks against wider industry trends.
Bringing these two streams of data together – internal information about your specific environment and external insights into general threats – can help you prioritise your resources, decide where to invest in additional safeguards, and decide which risks to transfer. It also enables you to communicate those decisions more effectively across the business.
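The following is an added worked example from the editor, not Qualys code and not the CMC’s own categorisation or methodology. It shows one way the two streams described above can be combined: an external base rate (standing in for an independent breach-data point; the `ExternalRate` shape and all figures are constructed assumptions) is scaled by internal context (exposure, compensating controls, patch cadence; the adjustment factors are likewise assumed, not calibrated), a lognormal loss-per-event is fitted to an estimated 90% interval, and a Monte Carlo simulation turns the pair into an annual loss distribution that can be set against the cost of a control.

```python
"""
Editor's added example (not Qualys code, not the CMC's methodology): a small
cyber risk quantification (CRQ) model that combines an external base rate,
standing in for independent breach data such as the CMC intends to publish,
with the organisation's own context, and turns the pair into an annual loss
distribution that can be compared against the cost of a control.
All figures, field names and multipliers below are constructed assumptions.
"""
from __future__ import annotations

import math
import random
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class ExternalRate:
    """Assumed shape of an external data point: how often per year an
    organisation in a given sector/size band suffers this event class."""
    event_class: str
    events_per_year: float


@dataclass(frozen=True)
class InternalContext:
    """Business-specific parameters the article says must be identified."""
    internet_facing: bool
    compensating_controls: int   # independent mitigations in front of the asset
    automated_patching: bool
    loss_low: float              # lower bound of a 90% interval, loss per event
    loss_high: float             # upper bound of the same interval


# Assumed adjustment factors; in practice these are calibrated, not guessed.
AIR_GAP_FACTOR = 0.1       # not internet-facing: an order of magnitude fewer events
PER_CONTROL_FACTOR = 0.5   # each compensating control halves the frequency
AUTO_PATCH_FACTOR = 0.5    # automated patching halves the exposure window


def contextual_frequency(ext: ExternalRate, ctx: InternalContext) -> float:
    """Scale the external base rate by the organisation's own exposure."""
    f = ext.events_per_year
    if not ctx.internet_facing:
        f *= AIR_GAP_FACTOR
    f *= PER_CONTROL_FACTOR ** ctx.compensating_controls
    if ctx.automated_patching:
        f *= AUTO_PATCH_FACTOR
    return f


def lognormal_params(low: float, high: float) -> tuple[float, float]:
    """Fit a lognormal to a 90% interval on loss per event.
    The 5th and 95th percentiles of a normal sit at +/-1.645 sigma."""
    mu = (math.log(low) + math.log(high)) / 2
    sigma = (math.log(high) - math.log(low)) / (2 * 1.645)
    return mu, sigma


def _poisson(rng: random.Random, lam: float) -> int:
    """Knuth's multiplication sampler; adequate for the small rates used here."""
    limit, k, p = math.exp(-lam), 0, 1.0
    while True:
        p *= rng.random()
        if p <= limit:
            return k
        k += 1


def simulate_annual_loss(ext: ExternalRate, ctx: InternalContext,
                         trials: int = 20000, seed: int = 1) -> list[float]:
    """Monte Carlo: events per year ~ Poisson, loss per event ~ lognormal.
    Returns the sorted annual losses, one per simulated year."""
    rng = random.Random(seed)
    freq = contextual_frequency(ext, ctx)
    mu, sigma = lognormal_params(ctx.loss_low, ctx.loss_high)
    losses = []
    for _ in range(trials):
        n = _poisson(rng, freq)
        losses.append(sum(rng.lognormvariate(mu, sigma) for _ in range(n)))
    return sorted(losses)


def expected_loss(losses: list[float]) -> float:
    return sum(losses) / len(losses)


def loss_exceedance(losses: list[float], threshold: float) -> float:
    """Probability that annual loss meets or exceeds the threshold."""
    return sum(1 for x in losses if x >= threshold) / len(losses)


def control_decision(ext: ExternalRate, ctx: InternalContext, control_cost: float,
                     trials: int = 20000, seed: int = 1) -> dict:
    """Compare annual expected loss with and without automated patching and
    net the reduction against the control's annual cost."""
    before = simulate_annual_loss(ext, ctx, trials, seed)
    after = simulate_annual_loss(ext, replace(ctx, automated_patching=True), trials, seed)
    e_before, e_after = expected_loss(before), expected_loss(after)
    return {
        "expected_loss_before": e_before,
        "expected_loss_after": e_after,
        "p95_before": before[int(0.95 * len(before))],
        "net_benefit": (e_before - e_after) - control_cost,
    }


if __name__ == "__main__":
    # Constructed figures: an external base rate and one internet-facing system.
    base = ExternalRate("ransomware", events_per_year=0.6)
    ctx = InternalContext(internet_facing=True, compensating_controls=1,
                          automated_patching=False,
                          loss_low=100_000, loss_high=1_000_000)
    for name, value in control_decision(base, ctx, control_cost=40_000).items():
        print(f"{name:>21}: {value:,.0f}")
```

The same base rate gives very different numbers for an air-gapped system with several compensating controls and for an exposed one with none, which is the point of contextualisation. Reporting the 95th percentile alongside the mean matters for the insurance conversation: the mean drives the invest-or-not decision, while the tail drives how much risk is worth transferring.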
Securing the future with better risk insights
Ultimately, businesses thrive by creating and capturing value: entering new markets, developing new channels, and operating more efficiently. Maintaining the security of these initiatives ensures they succeed over the long term. Without a robust and pragmatic approach to cyber risk management, supported by reliable internal and external data, organisations can struggle to keep pace with the evolving threat landscape.
The launch of the Cyber Monitoring Centre offers an opportunity for enhanced insight, particularly for cyber risk and information security professionals seeking a stronger footing for cyber risk quantification. By incorporating both your internal intelligence and the CMC’s independent breach data, your security strategy can become more precise, more cost-effective, and more compelling when presented to business leaders. In this way, better data forms the bedrock of a more resilient future.