How to Use Threat Intelligence Intelligently

How to Use Threat Intelligence Intelligently

How to Use Threat Intelligence IntelligentlyHow to Use Threat Intelligence Intelligently

The smart use of intelligence sharing could minimize the impact of cyber-attacks, but a lack of trust often inhibits organizations from benefiting from intelligence sharing.

Smart Use of Threat IntelligenceSmart Use of Threat Intelligence

64% of respondents said they believe threat intelligence could have prevented or minimized consequences of cyber-attacks they experienced in the last 24 months. In 2014, the percent was 61%.

Exchanging Threat Intelligence Makes SenseExchanging Threat Intelligence Makes Sense

75% of respondents believe exchanging threat intelligence improves their security posture. 63% say it’s good for the United States’ critical infrastructure.

Timeliness of Threat Intelligence Is KeyTimeliness of Threat Intelligence Is Key

Timeliness makes threat intelligence the most actionable. Next comes the ability to prioritize and the trustworthiness of the source.

Shelf-Life of Threat IntelligenceShelf-Life of Threat Intelligence

Although 89% of respondents believe threat intelligence has a shelf-life of hours or less, 79% refresh their data in daily or longer increments.

Free Sources Are Biggest Threat Intelligence SourceFree Sources Are Biggest Threat Intelligence Source

The biggest source of threat intelligence is resources, yet 46% of respondents say they cannot prioritize threats. 39% have no confidence in free sources and 35% also say these resources offer no context.

Liability Stymies Exchange of Threat IntelligenceLiability Stymies Exchange of Threat Intelligence

The main inhibitors for exchanging threat intelligence are liability issues, lack of trust in sources and lack of resources.

Movement Toward Centralized Program, Dedicated TeamMovement Toward Centralized Program, Dedicated Team

Silos are a major barrier to effective collaboration. Centralizing control over the exchange of threat intelligence is rising and might address the silo problem.

How Organizations Exchange Threat IntelligenceHow Organizations Exchange Threat Intelligence

65% of respondents say intelligence is most often shared through informal peer-to-peer exchanges, an increase from 57% in last year’s study. Use of vendor threat exchange services has decreased year-over-year from 53% to 45% of respondents who rely on vendors.

Exchange Really Means ExchangeExchange Really Means Exchange

More respondents use and provide threat intelligence, in nearly equal proportion, compared to last year—42% versus 36%.

Main Sources of Threat IntelligenceMain Sources of Threat Intelligence

The main sources of threat intelligence continue to be IT security vendors and peers in other companies. Law enforcement and government officials as sources remain low and have even decreased since last year.

How Threat Intelligence Is ReceivedHow Threat Intelligence Is Received

63% of respondents receive threat intelligence through data feeds, 59% get it through peer group discussion on the phone, email or in person. 51% get it from threat advisories.

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles