Threat Intelligence Programs on the Rise, Survey Finds
There’s real value in threat intelligence. After all, what company doesn’t want actionable, reliable data about emerging threats?
It’s no surprise, then, that the “SANS 2018 Cyber Threat Intelligence Survey” found that 81 percent of businesses now leverage threat intelligence programs. But the work isn’t over — while relevant, these programs still have plenty of room for improvement.
Threat Intelligence Adoption On the Rise
As noted by Infosecurity Magazine, threat intelligence has been gaining ground over the last few years. Just 64 percent of organizations used them in 2016, compared to over 80 percent this year. In addition, 68 percent of organizations are now “creating or consuming data around the latest cybersecurity campaigns,” suggesting that companies are leveraging threat intelligence to anticipate and adapt to emerging attack vectors.
Threat detection remains the most sought-after benefit, with 79 percent of respondents emphasizing this capability in their programs. Incident response (71 percent), blocking threats (70 percent) and threat hunting (62 percent) round out the top four.
There’s also a move toward more public sharing of critical threat data. Switzerland recently rolled out its Threat Intelligence Sharing Group, which aims to “achieve a greater understanding of the entire cybersecurity environment” by empowering threat sharing and collaboration among Swiss enterprises, according to a press release.
Room For Improvement
There are still some barriers to implementation. As noted by Help Net Security, many firms remain “dissatisfied” with the quality and accuracy of their threat intelligence. And while there’s an uptick in security information sharing — 84 percent of businesses said they were taking part — most sharing takes an informal approach rather than following structured guidelines, limiting the overall efficacy of threat intelligence.
Security professionals’ biggest concern is the lack of timely information. Over the past three years, this issue has owned the top spot with more than a 20 percent margin over the next-biggest problem: information that’s too complex to ensure ease and speed of use. However, there is hope, since artificial intelligence (AI) integrated into security solutions can assist teams in sorting through complex information and pulling key insights.
The Growing Value of Threat Intelligence Programs
More companies are using threat intelligence, and they’re seeing significant value, but there’s room for improvement. Real-time results and complexity are stumbling blocks while the lack of formal sharing practices limits the impact of threat data.
The good news is that increased adoption drives a growing marketplace, making room for specialization and niche services, which are critical for the development of innovative threat intelligence approaches. For enterprises, this means that threat intelligence solutions have matured enough to take their place as staples of security environments.
But the work isn’t over: Timely insights, straightforward reporting and formal sharing practices must evolve to meet the lofty expectations of the security industry at large.