How to Use Threat Intelligence Intelligently

 
 
By Karen A. Frenkel  |  Posted 12-21-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    How to Use Threat Intelligence Intelligently
    Next

    How to Use Threat Intelligence Intelligently

    The smart use of intelligence sharing could minimize the impact of cyber-attacks, but a lack of trust often inhibits organizations from benefiting from intelligence sharing.
  • Previous
    Smart Use of Threat Intelligence
    Next

    Smart Use of Threat Intelligence

    64% of respondents said they believe threat intelligence could have prevented or minimized consequences of cyber-attacks they experienced in the last 24 months. In 2014, the percent was 61%.
  • Previous
    Exchanging Threat Intelligence Makes Sense
    Next

    Exchanging Threat Intelligence Makes Sense

    75% of respondents believe exchanging threat intelligence improves their security posture. 63% say it's good for the United States' critical infrastructure.
  • Previous
    Timeliness of Threat Intelligence Is Key
    Next

    Timeliness of Threat Intelligence Is Key

    Timeliness makes threat intelligence the most actionable. Next comes the ability to prioritize and the trustworthiness of the source.
  • Previous
    Shelf-Life of Threat Intelligence
    Next

    Shelf-Life of Threat Intelligence

    Although 89% of respondents believe threat intelligence has a shelf-life of hours or less, 79% refresh their data in daily or longer increments.
  • Previous
    Free Sources Are Biggest Threat Intelligence Source
    Next

    Free Sources Are Biggest Threat Intelligence Source

    The biggest source of threat intelligence is resources, yet 46% of respondents say they cannot prioritize threats. 39% have no confidence in free sources and 35% also say these resources offer no context.
  • Previous
    Liability Stymies Exchange of Threat Intelligence
    Next

    Liability Stymies Exchange of Threat Intelligence

    The main inhibitors for exchanging threat intelligence are liability issues, lack of trust in sources and lack of resources.
  • Previous
    Movement Toward Centralized Program, Dedicated Team
    Next

    Movement Toward Centralized Program, Dedicated Team

    Silos are a major barrier to effective collaboration. Centralizing control over the exchange of threat intelligence is rising and might address the silo problem.
  • Previous
    How Organizations Exchange Threat Intelligence
    Next

    How Organizations Exchange Threat Intelligence

    65% of respondents say intelligence is most often shared through informal peer-to-peer exchanges, an increase from 57% in last year's study. Use of vendor threat exchange services has decreased year-over-year from 53% to 45% of respondents who rely on vendors.
  • Previous
    Exchange Really Means Exchange
    Next

    Exchange Really Means Exchange

    More respondents use and provide threat intelligence, in nearly equal proportion, compared to last year—42% versus 36%.
  • Previous
    Main Sources of Threat Intelligence
    Next

    Main Sources of Threat Intelligence

    The main sources of threat intelligence continue to be IT security vendors and peers in other companies. Law enforcement and government officials as sources remain low and have even decreased since last year.
  • Previous
    How Threat Intelligence Is Received
    Next

    How Threat Intelligence Is Received

    63% of respondents receive threat intelligence through data feeds, 59% get it through peer group discussion on the phone, email or in person. 51% get it from threat advisories.
 

A new survey finds 47 percent of companies and government agencies have been breached since 2013 and that cyber-intelligence could have prevented (or minimized) the consequences of those attacks. The survey was sponsored by IID and conducted by the Ponemon Institute. "The amount of large organizations that have been breached online is eye-opening, but what is equally interesting is the fact that IT and security professionals know what they need to stop the cyber-attacks yet they are not doing so," said IID vice president of marketing, Mark Foege. "We must continue to work together as an industry to make threat intelligence as timely, relevant and actionable as possible, or else the bad guys will continue to infiltrate large businesses and governments worldwide." The second annual survey polled 692 IT and IT security professionals from global businesses and government agencies. They answered more than three dozen questions about threat intelligence sharing. Most organizations have more than 1,000 employees and are in the financial services, public sector and health and pharmaceuticals industries.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...