Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 28 May, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Cyber intelligence sharing overlooked by UK organisations

by The Gurus
September 15, 2017
in Editor's News
Share on FacebookShare on Twitter

Anomali, today released the findings of its second annual Ponemon Institute study, revealing that organisations are still not actioning or sharing threat intelligence adequately, leaving them lagging behind cyber attackers. A third (33%) of UK organisations are not sharing information externally at all and 31% have no plans to join an industry sharing group. This is in stark contrast to cybercriminal communities who often share strategies and tools on Darknet marketplaces and underground forums.
 
“The Value of Threat Intelligence: The Second Annual Study of North American and United Kingdom Companies”, surveyed over 1,000 IT and security practitioners (443 UK), also found that a lack of expertise in threat intelligence (56%) and fear of revealing signs of a breach (51%) were holding UK organisations back from sharing. This is despite the availability of sector-based Information Sharing and Analysis Centers (ISACs), which enable businesses to share information in trusted communities to increase knowledge of physical and cyber security threats. Even for organisations that are currently involved in an ISAC, over a quarter (28%) just receive community intelligence and do not contribute.
“While we have seen that 86 percent of organisations believe threat intelligence is valuable to their security mission, it is clear there is still work to be done. Organisations must overcome their sharing concerns, fears of exposure, and train the entire business to understand and action upon malicious activity if they are to turn the tide on bad actors,” said Jamie Stone, VP EMEA at Anomali.
 
The study also uncovered a disparity between UK organisations and their US counterparts in intelligence sharing:

  • 43% of US respondents are part of an ISAC, while just 33% of UK businesses are, showing a potential lag in cyber security maturity
  • 35% UK organisations share intelligence with government associations, versus 26% US businesses, demonstrating a willingness to help with attribution of cyber attacks
  • The US is much more concerned about liability 28% versus 16% UK organisations, but depending on the legal framework in place that facilitates intelligence sharing, ample protections around disclosure should already exist to ensure protection

 
“Sharing of intelligence improves visibility for better data analysis, delivers stronger defences that are optimised against observed and perceived threats, and coordinates intelligence collection and analysis. Pushing out cyber attack details quickly could mean the difference in someone else being breached and being able to stop it quickly. As well as faster answers to incident response challenges thanks to the additional resources, adding skills and expertise to the event,” continued Stone.
 
However, organisations still struggle to maximise the value of threat intelligence and feel that they are only moderately effective in tapping into intelligence to combat cyber threats. Voluminous data continues to be an issue, with 70% overwhelmed and unable to extract actionable intelligence. Other top reasons for threat intelligence ineffectiveness include:

  • Lack of staff expertise (69 percent of respondents)
  • Lack of ownership (52 percent of respondents)
  • Lack of suitable technologies (44 percent of respondents)

 
In order to maximise the effectiveness of threat intelligence, organisations must identify a variety of resources and techniques to help. Threat feeds themselves are not intelligence and not everything will be relevant to an organisation, therefore applying contextual details must be prioritised where possible. Businesses must understand their own environment, the attacks they and their peers see, and extrapolate meaning from the data available. To aid in this, a threat intelligence platform (TIP) automates these processes, easily integrates into existing security stacks, weeds out false positives, adds context, and brings the most important observed threats in an organisation’s environment to the foreground.
 
“From NotPetya to the Equifax breach, cybersecurity threats and attacks routinely making the front page. Organisations need rapid access to contextual and actionable threat intelligence to detect any malicious activity in their networks,” added Stone. “Organisations must be able to quickly pinpoint active threats and mitigate them before material damage occurs. This requires a platform that is able to prioritise threat data, operationalise insights, and facilitate the sharing of intelligence.”
 
To download a copy of the report, “The Value of Threat Intelligence: The Second Annual Study of North American and United Kingdom Companies,” please visit: www.anomali.com/ponemon

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweet
Previous Post

Brits Fear Driverless Cars Will Crash

Next Post

Taking the Bait: Can You Resist an Email Phishing Attack?

Recent News

SnapDragon Monitoring scam advice

Tips to Protect Against Holiday and Airline Scams

May 25, 2023
Access Segmentation & Encryption Management from MyCena

New security model launched to eliminate 95% of cyber breaches

May 25, 2023
KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

May 25, 2023
Purple Logo, capitalised letters: SALT.

Salt Security Uncovers API Security Flaws in Expo Framework, Issues have been Remediated

May 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information