IT Security

Threat intelligence study

by Mark Rowe

Most companies are placing a greater reliance on threat intelligence as a viable enterprise cybersecurity defence. That is according to a study commissioned by Webroot, a cloud-based, internet threat detection product firm, with the Ponemon Institute. The study indicates that most companies believe threat intelligence is essential for a well-rounded cybersecurity defence and has proven effective in stopping security incidents. However, improvements are necessary to make threat intelligence more timely, accurate and actionable to strengthen an organization’s security posture, it is claimed.

Findings from the study include:

· 40 per cent of companies surveyed had a material security breach in the past 24 months, and 80pc believe if they’d had threat intelligence at the time of the breach, they could have prevented or minimised the consequences of the attack

· Current cyber defence practices are not considered effective; only 36pc of respondents rate their company’s defence as strong

· Almost half of respondents are increasing the amount of intelligence data they receive to prevent or mitigate the consequences of an attack

· 56pc say intelligence becomes stale within seconds or minutes, and indicate that the more valuable features of a threat intelligence solution are the ability to implement intelligence and gauge the trustworthiness of the source in real time

· Near half, 49pc use “fee-based” sources of intelligence, stating free sources are inadequate for comprehensive threat analysis, making it more difficult to prioritise threats; and

· In the next two years, one-third of respondents will increase their threat intelligence budget significantly.

The survey features perspectives from 693 IT and IT security professionals in the US, with 61 percent of respondents in the Fortune 1,000, Global 2,000 and the Forbes List of the Largest Private Companies. It concluded that companies see the potential benefits and importance of having cyber threat intelligence. However, participants are wary of the reliability of this intelligence, as well as its ability to be actionable. Further, respondents are also dissatisfied with perceived threat intelligence deficiencies, such as a surplus of alerts and false positives that make it difficult to respond to breaches.

Larry Ponemon, chairman and founder of Ponemon Institute, said: “While the report found that spending on threat intelligence is expected to increase in the next two years, these resources do not necessarily translate to greater security, and it is critical that the information be timely, accurate and actionable to be effective. The results of the study indicate that, while some companies have figured out how to leverage threat intelligence into a viable enterprise security defence, many more have not. But, given the rapidly changing threat landscape, we expect threat intelligence to evolve to the point that it will become a key component of IT security.”

Patrick Kennedy, vice president of enterprise marketing at Webroot, said: “Businesses are struggling to identify and stop new web threats because they must assess the risk of more unknown objects than before and the rate of change across the threat landscape is faster than their traditional security technologies can keep up with. The study highlights the need for highly accurate and timely threat intelligence to help organizations assess the risk of incoming data, reduce the volume of security incidents, and accelerate response to successful attacks.”

To achieve a stronger security posture, says Webroot, IT users should consider integrating real-time threat intelligence into their security infrastructure to more quickly assess the risk of unknown IPs, URLs, files and mobile apps. Combining this with experienced staff and appropriate incident response processes will increase an organization’s ability to minimize or prevent serious security incidents.

For a copy of the survey findings, visit http://www.webroot.com/shared/pdf/CyberThreatIntelligenceReport2015.pdf.

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing