Solution and Service Investments
This should be the biggest area of focus. When procuring new solutions or services, ask: Will this purchase enhance my understanding of new threats or is it just a better enforcement/policy mousetrap? When upgrading an existing security portfolio, seek solutions that are heavily tilted toward intelligence while providing the necessary policy/enforcement as simple add-ons or freebies. One example would be investment in endpoint AV software; instead of upgrading the existing AV software, see if it makes sense to use free AV solutions from reputed vendors and combine it with investment in next-generation network or endpoint malware detection and response tools.
Another area to look after is compliance. Compliance directives take years to catch up to the new realities. If required by the compliance directives, seek products that would also help in the "intelligence" bucket while satisfying the old compliance requirements. One example of this would be IDS/IPS products. Instead of investing further in these areas, look at network-based threat detection technologies that may provide this functionality as a simple add-on or base capability.
In general, if you are writing a large check for endpoint antivirus, Firewall, IDS/IPS etc., pause and ask if this investment improves your "intelligence" capabilities. If not, consider how this investment can be minimized in order to align the remaining funding with the security needs of today.