How can organizations stay ahead of complex and evolving threats? From cybersecurity risks to domestic extremism and the rise of AI in risk intelligence, today’s climate requires proactive strategies and adaptable decision-making. In this Q&A, Sean McDevitt, Director of Product Marketing, interviews Adam DeLuca, Director of Risk Intelligence, about critical risks, the importance of AI, and essential practices for building resilient Global Security Operations Centers (GSOCs).
Discover expert insights on navigating new threats, harnessing intelligence for proactive decisions, and strengthening your security operations.
Sean McDevitt: What emerging threats do you see having the most significant impact on global organizations?
Adam DeLuca: Today and in the near future, I see several major threats shaping the landscape: cybersecurity risks and nation-state actors, domestic violent extremism (DVE), critical infrastructure vulnerabilities, and the growing impacts of climate change. These areas will be key for businesses to monitor and prepare for.
SM: How do geopolitical tensions, cyber threats, and domestic extremism trends factor into Everbridge’s risk intelligence forecasting?
AD: At Everbridge, our forecasting isn’t topic-driven — it’s risk-driven. We assess events based on whether they pose a real vulnerability or increase risk exposure for our customers. If a geopolitical or cyber situation doesn’t present a tangible risk, we don’t just report it for the sake of reporting. Our focus is always on helping organizations mitigate real-world risks.
SM: What role is AI playing in both the evolution of threat actors and how organizations can counteract them?
AD: AI is reshaping the threat landscape, enabling attackers to use it for deepfakes, phishing, vulnerability detection, and adaptive malware. Not to mention AI can conduct sophisticated disinformation campaigns that can make organizations and their assets vulnerable to a variety of different threat vectors. AI-powered tools enhance social engineering, making attacks more precise and raising cybersecurity challenges.
On the defense side, organizations can and should use AI for real-time monitoring, threat detection, and faster response times. AI can start mitigating a threat before your cyber teams may have even detected it. AI can simulate attack scenarios, helping strengthen defenses and improve resilience against evolving threats. Integrating AI into security protocols is key to staying ahead in the fight against AI-driven cyber risks.
SM: What blind spots do many organizations have when it comes to threat intelligence, and how can they address them?
AD: Too often, organizations are reactive instead of proactive. Intelligence should be used to reduce risk exposure — whether that’s through executive protection, site assessments, or travel planning. Forward-leaning, proactive intelligence is critical. Insider threats are another blind spot. And even when trends or threats are identified, many organizations struggle to innovate or adapt quickly. Thorough after-action reviews are often overlooked but are essential for improving resilience.
Best Practices for building resilient GSOCs
SM: For organizations looking to mature their GSOCs, what key capabilities should they prioritize?
AD: Focus on building strong people, effective processes, and smart use of AI. Repeatability and consistency are key. A mature GSOC should be reliable and agile at the same time.
SM: What advice would you give to security leaders trying to balance automation, AI, and human analysis in their GSOCs?
AD: It’s all about finding the right balance — and that requires action. Make decisive decisions, experiment, adjust, and don’t be afraid to fail. Trial and error is part of the process. Communication and collaboration are critical as you build a GSOC that integrates automation and AI without losing the human judgment that makes intelligence effective.
SM: What misconceptions do you still encounter about risk intelligence among security leaders?
AD: Risk intelligence is often used as a catch-all term. It is not merely the reporting the news, which I often see passed off as Risk Intelligence. Genuine risk intelligence follows a formula: risk leads to vulnerability, and the critical aspect is determining how to mitigate that vulnerability. Mitigation is frequently overlooked, which is a crucial part of the process in strengthening an organizations risk posture.
Additionally, risk intelligence should be viewed holistically, encompassing all stages of the intelligence cycle rather than being confined to individual steps. These stages include collection, clean data, dissemination methods, production, and the most vital step – customer feedback. Each stage plays a crucial role, and improving each individually is essential to building an effective and successful risk intelligence program.
SM: How do you see the role of physical security evolving as digital threats continue to grow?
AD: It’s a different world than it used to be. Organizations need to think about vulnerability assessments for their physical security. What are your unacceptable consequences? And then you need to plan for that. People are always worried about cyber – but in terms of US infrastructure at least – there have been more physical security attacks than cyber-attacks. So, developing strong insider threat programs, doing assessments of your assets, and making sure there is continuity between operations, and your SOC, and law enforcement. A strong physical security posture is 100% necessary for a comprehensive risk mitigation strategy.
Everbridge Risk Intelligence Monitoring Center (RIMC) Insights and Goals
SM: Where is the Everbridge RIMC focusing its monitoring efforts, and what major trends are shaping those priorities? Has there been an evolution over the last several years that shapes that prioritization?
AD: We’re leaning heavily into AI to enhance automation, monitoring, and source validation — improving the intelligence cycle at every stage. We’re also expanding our international sourcing and providing more localized, granular risk intelligence. Our monitoring will be more forward-looking, with an emphasis on early trend analysis and mitigation strategies.
Today, effective intelligence programs include AI, an analyst and quality process. The web is shrinking, access to open-source intelligence is harder, and people are sharing information differently. We’re leveraging AI tools to enhance open-source research capabilities and threat monitoring, but true intelligence analysis happens when skilled analysts use AI effectively within a structured process.
SM: How does Everbridge risk intelligence help organizations make proactive decisions rather than just reacting to crises?
AD: Our goal is to be forward-leaning — to help organizations see around the corner, not just respond after the fact. We aggregate information from over 20,000 sources, leverage generative AI and machine learning, and combine it with the expertise of our analysts. We focus on highlighting risks before they escalate, giving customers actionable insights to limit exposure. And when events do happen, we dive into the why and how, helping customers close gaps for the future.
Preparing for the Risks of Tomorrow, Today
Navigating the ever-evolving landscape of global threats requires a balance of insight, innovation, and preparedness. From harnessing AI to enhance risk intelligence to addressing hidden vulnerabilities in both physical and digital security, Adam DeLuca’s insights highlight the enduring value of foresight and adaptability in protecting organizations.
At Everbridge, we’re committed to helping businesses strengthen resilience and stay ahead of emerging challenges—through proactive intelligence, scalable solutions, and expert support.
