At first, we can look at the preceding section and say "hey, that's pretty easy. All we have to do is provide the non-compliance, vulnerabilities, and red team reporting to the users. They'll be able to take care of it!" Sadly, if you have ever been on the receiving end of an audit, you would know that no one likes getting bad news. Security as a service (although important) is also looked at as a burden to operations as it's just more things for the stakeholder to do. Fix this, fix that...it's kind of annoying. So when we think about integrating security service information, we should think (in parallel) about how we package up the data as cyber intelligence to each other as well as the end user.

We want our reporting to not just be another CSV we have to sort through, we want the information that we provide to be actionable. So let's look at what challenges with data integration we will face from different perspectives.