IID, the source for clear cyberthreat intelligence, today announced the immediate availability of the IID and Ponemon Institute survey entitled, “Exchanging Cyber Threat Intelligence: There Has to Be a Better Way.” The second annual survey includes insight from 692 IT and IT security professionals from both global businesses and government agencies, who answered more than three-dozen questions around threat intelligence sharing. The majority of organizations where those employees work have more than 1,000 employees.
When asked, “Did your company have a material security breach in the past 24 months,” 47 percent of those surveyed said yes. Survey participants also asserted that threat intelligence–information that has been analyzed and refined so that it is useful in hindering cyberthreats–could have prevented those cyberattacks. Specifically, 65 percent said that they believed threat intelligence could have prevented or minimized the consequences of a cyberattack they had suffered in the last 24 months. When asked the same question in the 2014 survey, 61 percent said yes.
“It is becoming more and more apparent that raw threat data is not effective. Just like the bad guys share ways to carry out their attacks, organizations must also share actionable and timely ways to stop threats,” said Larry Ponemon, Chairman and Founder of the Ponemon Institute. “It is also clear that it is impossible for one organization to harvest that threat intelligence on their own as evidenced by the fact that 83 percent of people we surveyed exchange threat intelligence.”
Other key findings in the survey include:
- Exchanging threat intelligence is imperative and good for the U.S.
Seventy-five percent of respondents believe exchanging threat intelligence improves their organization’s security posture and 63 percent say it’s good for the United State’s critical infrastructure.
- Timeliness is the most important threat intelligence quality
Respondents said timeliness makes threat intelligence the most actionable followed by the ability to prioritize and trustworthiness of the source. Despite 89 percent believing threat intelligence has a shelf life of hours or less, 79 percent refresh their data in increments of daily or longer.
- Most using free sources, but not confident in data
The biggest source of threat intelligence is free sources. Yet 46 percent say they cannot prioritize threats with, 39 percent they have no confidence in and 35 percent they have no context with free sources.
- Issues are still stopping the exchange of threat intelligence
The main inhibitors for exchanging threat intelligence are potential liability issues, lack of trust in sources and lack of resources.
“The amount of large organisations that have been breached online is eye opening, but what is equally interesting is the fact that IT and security professionals know what they need to stop those cyberattacks yet they are not doing so,” said IID Vice President of Marketing Mark Foege. “We must continue to work together as an industry to make threat intelligence as timely, relevant and actionable as possible or else the bad guys will continue to infiltrate large businesses and governments worldwide.”
To download the complete survey findings, go to internetidentity.com.