According to ESG Research, 65% use external threat intelligence (i.e. open source or commercial threat information) as part of their overall security analytics activities. This is yet another factor driving the intersection of big data and security analytics. Of those enterprises that consume commercial threat intelligence, 29% say that it is \u201chighly effective\u201d in helping their organization address risk while another 66% say that commercial intelligence is \u201csomewhat effective\u201d in helping their organization address risk. So how do some of the organizations use commercial threat intelligence so that it \u201chighly effective\u201d in helping them reduce IT risk? ESG did some further data analysis to find out. It turns out that these enterprises:1. Security intelligence is used to support other security objectives. Rather than use security intelligence as a secondary data sources, \u201chighly effective\u201d organizations tended to have specific use cases and metrics for security intelligence. For example, many included security intelligence into formal risk management programs in order to fine-tune security controls, launch impromptu vulnerability scans, or lock-down systems.2. Security intelligence feeds are integrated into SIEM and GRC tools. \u201cHighly effective\u201d push data feeds directly into their security management and analytics technologies in order to correlate external threat intelligence with internal status and activities. Interestingly, these firms are also replacing security point tools with centralized enterprise-class security management systems. Clearly these \u201chighly effective\u201d organizations are also on the leading edge of big data security analytics.3. Highly effective organizations share security intelligence across the organizations. These enterprises seem to get their money\u2019s worth as they make sure that security, risk, compliance, privacy, IT, and executive managers have access to customized views of security intelligence that can help them with their individual tasks and responsibilities.4. Highly effective organizations supplement security intelligence with external expertise. Risk management and incident detection\/response are difficult activities requiring resources and expertise. Given the current security skills shortage, \u201chighly effective\u201d enterprises are most likely to turn to professional and\/or managed service providers for help in these areas.Leading security vendors like IBM, McAfee, RSA, Sourcefire, and Symantec provide out-of-box security intelligence into their latest security management technologies. There are numerous industry Information Sharing and Analysis Centers (ISACs) for exchanging security data. The U.S. Federal government wants to increase public\/private partnerships for security data sharing. All of these efforts are intended to make new sources of security data \u201chighly effective\u201d resources for risk management and incident detection\/response. Following the 4 steps described above could really help industry consortiums and individual organizations achieve these goals.