If you keep up with the latest trends in security, you've probably run into the term "intelligence-led security" but what does it mean? Certainly sounds better than "stupidity-led security." My background is in law enforcement and it's been interesting to me to see the way some of the principles that were new to police science back when I was in the academy (for example, proactive response) have been ported over to the IT world. It makes sense when you think about it; policing is about protecting society from the bad guys, and IT security is about protecting networks and computers from the bad malware and hackers.
So it's not really a surprise that intelligence-led policing is a concept that has been used in law enforcement management and operations. It's based on risk assessment and risk management - and that's what intelligence-led IT security is all about, too: