There’s real value in threat intelligence. After all, what company doesn’t want actionable, reliable data about emerging threats?

It’s no surprise, then, that the “SANS 2018 Cyber Threat Intelligence Survey” found that 81 percent of businesses now leverage threat intelligence programs. But the work isn’t over — while relevant, these programs still have plenty of room for improvement.

Threat Intelligence Adoption On the Rise

As noted by Infosecurity Magazine, threat intelligence has been gaining ground over the last few years. Just 64 percent of organizations used it in 2016, compared to over 80 percent this year. In addition, 68 percent of organizations are now “creating or consuming data around the latest cybersecurity campaigns,” suggesting that companies are leveraging threat intelligence to anticipate and adapt to emerging attack vectors.

Threat detection remains the most sought-after benefit, with 79 percent of respondents emphasizing this capability in their programs. Incident response (71 percent), blocking threats (70 percent) and threat hunting (62 percent) round out the top four.

There’s also a move toward more public sharing of critical threat data. Switzerland recently rolled out its Threat Intelligence Sharing Group, which aims to “achieve a greater understanding of the entire cybersecurity environment” by empowering threat sharing and collaboration among Swiss enterprises, according to a press release.

Room For Improvement

There are still some barriers to implementation. As noted by Help Net Security, many firms remain “dissatisfied” with the quality and accuracy of their threat intelligence. And while there’s an uptick in security information sharing — 84 percent of businesses said they were taking part — most sharing takes an informal approach rather than following structured guidelines, limiting the overall efficacy of threat intelligence.

Security professionals’ biggest concern is the lack of timely information. Over the past three years, this issue has owned the top spot with more than a 20 percent margin over the next-biggest problem: information that’s too complex to ensure ease and speed of use. However, there is hope, since artificial intelligence (AI) integrated into security solutions can assist teams in sorting through complex information and pulling key insights.

The Growing Value of Threat Intelligence Programs

More companies are using threat intelligence, and they’re seeing significant value, but there’s room for improvement. The lack of real-time results and the complexity of the information are stumbling blocks, while the lack of formal sharing practices limits the impact of threat data.

The good news is that increased adoption drives a growing marketplace, making room for specialization and niche services, which are critical for the development of innovative threat intelligence approaches. For enterprises, this means that threat intelligence solutions have matured enough to take their place as staples of security environments.

But the work isn’t over: Timely insights, straightforward reporting and formal sharing practices must evolve to meet the lofty expectations of the security industry at large.
