February 12, 2018 By Douglas Bonderud 2 min read

There’s real value in threat intelligence. After all, what company doesn’t want actionable, reliable data about emerging threats?

It’s no surprise, then, that the “SANS 2018 Cyber Threat Intelligence Survey” found that 81 percent of businesses now leverage threat intelligence programs. But the work isn’t over — while relevant, these programs still have plenty of room for improvement.

Threat Intelligence Adoption On the Rise

As noted by Infosecurity Magazine, threat intelligence has been gaining ground over the last few years. Just 64 percent of organizations used them in 2016, compared to over 80 percent this year. In addition, 68 percent of organizations are now “creating or consuming data around the latest cybersecurity campaigns,” suggesting that companies are leveraging threat intelligence to anticipate and adapt to emerging attack vectors.

Threat detection remains the most sought-after benefit, with 79 percent of respondents emphasizing this capability in their programs. Incident response (71 percent), blocking threats (70 percent) and threat hunting (62 percent) round out the top four.

There’s also a move toward more public sharing of critical threat data. Switzerland recently rolled out its Threat Intelligence Sharing Group, which aims to “achieve a greater understanding of the entire cybersecurity environment” by empowering threat sharing and collaboration among Swiss enterprises, according to a press release.

Room For Improvement

There are still some barriers to implementation. As noted by Help Net Security, many firms remain “dissatisfied” with the quality and accuracy of their threat intelligence. And while there’s an uptick in security information sharing — 84 percent of businesses said they were taking part — most sharing takes an informal approach rather than following structured guidelines, limiting the overall efficacy of threat intelligence.

Security professionals’ biggest concern is the lack of timely information. Over the past three years, this issue has owned the top spot with more than a 20 percent margin over the next-biggest problem: information that’s too complex to ensure ease and speed of use. However, there is hope, since artificial intelligence (AI) integrated into security solutions can assist teams in sorting through complex information and pulling key insights.

The Growing Value of Threat Intelligence Programs

More companies are using threat intelligence, and they’re seeing significant value, but there’s room for improvement. Real-time results and complexity are stumbling blocks while the lack of formal sharing practices limits the impact of threat data.

The good news is that increased adoption drives a growing marketplace, making room for specialization and niche services, which are critical for the development of innovative threat intelligence approaches. For enterprises, this means that threat intelligence solutions have matured enough to take their place as staples of security environments.

But the work isn’t over: Timely insights, straightforward reporting and formal sharing practices must evolve to meet the lofty expectations of the security industry at large.

g

More from

Cybersecurity dominates concerns among the C-suite, small businesses and the nation

4 min read - Once relegated to the fringes of business operations, cybersecurity has evolved into a front-and-center concern for organizations worldwide. What was once considered a technical issue managed by IT departments has become a boardroom topic of utmost importance. With the rise of sophisticated cyberattacks, the growing use of generative AI by threat actors and massive data breach costs, it is no longer a question of whether cybersecurity matters but how deeply it affects every facet of modern operations.The 2024 Allianz Risk…

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today