November 7, 2016 By Larry Loeb 2 min read

A recent Ponemon Institute report, sponsored by Anomali, titled “The Value of Threat Intelligence,” addressed how organizations use threat information. The study looked at the benefits of this technology and the challenges of integrating it with existing security platforms and solutions.

Valuable Insight

The study suggested that companies value threat intelligence highly, since 77 percent of respondents described it as essential to their organization’s overall security mission. Virtually the same number (78 percent) indicated that a strong cybersecurity posture is a top concern, and another 57 percent noted that it would drive IT decision-making. Only 46 percent of respondents, however, said their IT teams used threat data to decide how to respond to threats.

Additionally, 70 percent of survey participants said their organization struggle to take action based on threat intelligence because the volume is overwhelming or too complex. Just 32 percent said their company’s IT professionals refer to this kind of data to inform senior executives about cyberthreats.

Threat Analysts Wanted

The objective of threat intelligence is to identify things that are out of place or not routinely encountered. That may mean shifting focus to a security strategy that depends on the specific area being investigated, which could require hiring a threat analyst. Indeed, 52 percent of respondents to the Ponemon survey said their companies would need a qualified threat analyst to separate the noise from actionable data.

“There’s too much data to really make sense of if you have a limited resource staff of security operations center analysts or threat analysts,” Travis Farral, the director of security strategy at Anomali, told CSO Online. “It can be overwhelming to sit and figure out which of these 100,000 things to look at first.”

Maximizing Threat Intelligence

Effective threat intelligence requires a solid solution. According to the survey, 79 percent of respondents considered a reliable platform necessary to maximize this data, and another 70 percent of platform users said it helped to pinpoint and prioritize incidents of compromise.

While it may be difficult to integrate threat intelligence into extant business systems, it can also provide information that can’t be found through other means.

More from

When ransomware kills: Attacks on healthcare facilities

4 min read - As ransomware attacks continue to escalate, their toll is often measured in data loss and financial strain. But what about the loss of human life? Nowhere is the ransomware threat more acute than in the healthcare sector, where patients’ lives are literally on the line.Since 2015, there has been a staggering increase in ransomware attacks on healthcare facilities. And the impacts are severe: Diverted emergency services, delayed critical treatments and even fatalities. Meanwhile, the pledge some ransomware groups made during…

AI and cloud vulnerabilities aren’t the only threats facing CISOs today

6 min read - With cloud infrastructure and, more recently, artificial intelligence (AI) systems becoming prime targets for attackers, security leaders are laser-focused on defending these high-profile areas. They’re right to do so, too, as cyber criminals turn to new and emerging technologies to launch and scale ever more sophisticated attacks.However, this heightened attention to emerging threats makes it easy to overlook traditional attack vectors, such as human-driven social engineering and vulnerabilities in physical security.As adversaries exploit an ever-wider range of potential entry points…

4 trends in software supply chain security

4 min read - Some of the biggest and most infamous cyberattacks of the past decade were caused by a security breakdown in the software supply chain. SolarWinds was probably the most well-known, but it was not alone. Incidents against companies like Equifax and tools like MOVEit also wreaked havoc for organizations and customers whose sensitive information was compromised.Expect to see more software supply chain attacks moving forward. According to ReversingLabs' The State of Software Supply Chain Security 2024 study, attacks against the software…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today