Back when I began my security career, cyber threat intelligence (CTI) was considered the \u201cstandard\u201d for intelligence in the commercial sector. It\u2019s easy to see why: CTI\u2019s indicator-centric approach remains integral to the success of any network defense or perimeter security initiative. However, these use cases are where the benefits of CTI begin and end. Addressing today\u2019s volatile threat landscape requires strategic insights and enterprise-wide collaboration, which is why Business Risk Intelligence (BRI) is quickly dethroning CTI as the new intelligence standard.Unlike its predecessor, BRI provides a decision advantage that supports not just cybersecurity teams but all business functions across the enterprise. So, how does BRI work? How does it compare to CTI? And what makes a BRI program successful? Here\u2019s what you need to know:Focus on riskThe simplest way to differentiate between these two types of intelligence is to recognize that while CTI helps detect individual cyber threats, BRI, as its name implies, addresses overall business risk. The following basic formula for risk illustrates this concept:Risk = threat x likelihood x impactAs you can see, threat is only one component of risk. So, although CTI can enable us to identify cyber threats, it doesn\u2019t provide insight into the likelihood that a threat will target our business and, if it does, what the end result might be. It\u2019s important to remember that while countless threats exist, they\u2019re not all relevant to all businesses. I\u2019ve seen firsthand how easy it can be for teams that rely solely on CTI to become overwhelmed by the sheer volume of threats they detect \u2013 even when many are completely irrelevant to the business.Rather than concentrating heavily on tactical threat detection, BRI broadens the scope of intelligence to helps us focus on how threats could impact the business on a macro level. Unlike CTI, BRI provides strategic insight into the context surrounding not just individual threats but the threat landscape as a whole. For example, while CTI might equip us with a list of indicators of compromise (IoCs), BRI can help us understand why these IoCs exist in the first place, if and how they could impact our business, and what countermeasures could enhance our security posture moving forward.Integrate intelligence across all business functionsSince CTI was long considered the intelligence \u201cstandard\u201d in the commercial sector, many businesses have been conditioned to appropriate all matters of intelligence to cybersecurity teams. The problem with this approach is that plenty of threats target and\/or impact all business functions \u2013 not just cybersecurity.In "How do we measure the value of intelligence," I wrote about how the most valuable intelligence is that which supports decision-making and risk mitigation across the enterprise. Indeed, this is exactly what BRI does; it equips us with relevant context on a broad spectrum of threats posing a risk to the business as a whole. Organizations with effective BRI programs recognize that just because a threat has originated on the Internet does not mean the threat\u2019s scope of influence will remain restricted to all things cyber. It\u2019s crucial to remember that threats that exist beyond the jurisdiction of most cybersecurity teams often have direct or indirect ties to the Internet \u2013 many of which are detectable via BRI.In working with various organizations to initiate and develop BRI programs over the last couple of years, I\u2019ve seen firsthand how BRI can provide a decision advantage in situations involving malicious actors seeking to compromise an executive team\u2019s physical safety, threats posed by malicious insiders, unknown security vulnerabilities that exist within a company\u2019s supply chain, emerging fraud schemes targeting a company\u2019s customers, and countless others. While these are all examples of threats that while not traditionally \u201ccyber\u201d, they have, in many cases, originated and\/or been developed among adversaries operating on the Internet. More importantly, none of these threats would been detected or addressed effectively with CTI alone.Strive to be proactiveIn a perfect world, we would all be able to identify, understand, and combat threats long before they reached our businesses. While I realize this isn\u2019t always possible given the threats and adversaries we face today, I must emphasize that BRI can equip us with far greater insight and preparation than is possible with CTI.Indeed, this is another stark difference between CTI and BRI. Since CTI largely revolves around IoCs, it can only provide insight into individual threats that already exist and malicious activity that has already occurred. In other words, CTI is reactive. Teams that rely solely on CTI typically concentrate their resources on identifying and blocking existing threats \u2013 which can leave little room for actually understanding them. And given that the most effective and proactive defenses require a keen understanding of the threats to which we\u2019re susceptible, CTI alone can\u2019t enable us to do that.BRI, as I mentioned, is far more proactive. Its emphasis on addressing overall risk rather than just individual threats naturally facilitates a more comprehensive understanding of the threat landscape as a whole. For example, while CTI might help teams identify IoCs related to existing phishing campaigns, BRI would help inform a team\u2019s anti-phishing strategy, raise enterprise-wide awareness of common phishing tactics and response procedures, and reduce the business\u2019s overall susceptibility to phishing attacks in the long term.It\u2019s no secret that I\u2019m an avid supporter of BRI. As someone who spent the bulk of my career facing the limitations CTI, I can attest to the immense value to be gleaned from an effective BRI program. Regardless of the threats, risks, and security challenges a business may face, it\u2019s crucial to recognize that having the right approach to intelligence \u2013 namely that which is risk-centric, proactive, and cross-functional like BRI \u2013 has truly become a requirement.