Surveys: Security Pros Overwhelmed, Not Communicating, Threat Intel Data

  /     /     /  
Publicated : 22/11/2024   Category : security


Surveys: Security Pros Overwhelmed, Not Communicating, Threat Intel Data


Two new studies underscore the challenges of making threat intelligence part of the enterprise arsenal.



Two new surveys released in the last week revealed troubling but telling trends in enterprise security: 70 percent of infosec professionals are overwhelmed by the volume and complexity of threat intelligence data, according to
a report
from security vendor Anomali and the Ponemon Institute;
a separate survey
from consultancy BDO USA found that only 27% of respondents share security information externally, with an almost equal number (24%) saying they dont share information at all.
The Anomali survey also identified information sharing challenges. Barely one-third (31%) of organizations share threat intel with board and C-level leaders.
The two surveys datasets feed off each other. The more overwhelmed that security pros are by data volumes, the less likely they are to share what theyre seeing; the less they share, the more data that floods their desktops and management consoles.
Unraveling this knot is widely viewed as critical to helping enterprises and government get ahead of the constant stream of threats they face. That means improving the way threat intel is used and managed on a day-to-day basis, whether through devoting personnel to the tasks or automating more of the functions. It also means opening up the channels of communication around threat intel, both internally and externally, according to the surveys. 
Anomali further uncovered that 56% dont use standardized communication protocols; more alarming, 43% said the data isn’t used to drive decisions within the security operations center. And just to pound the nail in, 49% reported their IT security team doesn’t receive or read threat intelligence reports.
The Anomali survey also pointed up a pitfall with threat intelligence. Many organizations think they can set up intelligence feeds and essentially ignore them until trouble starts. But threat intelligence requires someone devoted to monitoring feeds, and more importantly, analyzing and watching for patterns, according to Travis Farral, director of security strategy at Anomali. Correlating disparate data, applying analytics, and reporting out the insights will keep at least one infosec pro busy, added Farral, who handled threat intelligence for ExxonMobil prior to joining Anomali a month ago.
Theres also a security evolution as institutions go from broad-based protection to detection, understanding breaches, and handling remediation, said Michael Stiglianese, managing director in BDO Consulting’s technology advisory services practice. The next step is how to bring in threat intelligence, he told Dark Reading. Analytics tools can help organizations sift through all that raw data and find whats relative and useful to the organization, he added.
BDO also reported that 74 percent of respondents said their board is more involved with security than they were a year ago. While thats an uptick from the previous year, Stiglianese said there would be more alarm and calls for action if similar results emerged about boards attention to other essentials like credit-worthiness, for example. Were moving in the right direction. But when you consider how important security is to organizations, its disappointing, he said.
Other key points from the BDO survey:
--Among the respondents who do share security information, 88% are sharing with federal agencies, followed by 28% with Information Sharing and Analysis Centers (ISACs). Only 19% share with competitors.
 --88% of directors get briefed on security at least once a year, including 34% that are briefed quarterly and 37% that are briefed annually; 9% are briefed twice a year and 8% more often than quarterly (8%).  Some 12% get no security briefings at all.
--Almost half (45%) of directors have documented their business’s critical digital assets along with solutions to protect them, up from 34% in 2015 had completed this task. Another 25% have identified critical digital assets but still lack a protection strategy.
--43% have initiated cyber-risk requirements that their third-party vendors must meet, up from 35% last year.
Related Content:
Threat Intelligences Big Data Problem
Epic Security #FAILS Of The Past 10 Years
Automobile Industry Gears Up For Cyber-Threat Intel-Sharing
A Threat Intelligence-Sharing Reality-Check
 

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Surveys: Security Pros Overwhelmed, Not Communicating, Threat Intel Data