- Gartner EMM Report Highlights Mobile Security Advancements
- HIMSS Analytics Highlights Health IT Mobile Security Concerns
The report surveyed over 1,000 IT and security professionals across all major verticals including healthcare.
Nearly half of the respondents said their organization participates in threat intelligence sharing communities. However, only 40 percent contribute by sharing their data, while 60 percent only receive community intelligence without contributing their own data.
This year’s report saw increases in threat intelligence over last year’s report, indicating that organizations are making sufficient efforts to better leverage the technology.
Fifty-one percent said that they their security incident responders are using threat intelligence, which is up from 46 percent last year. Sixty-three percent stated that threat intelligence drives decision-making within their organizations’ security operations center, versus the reported 57 percent last year.
The biggest increase over the 2016 data is how organizations rated their effectiveness at using threat intelligence. Only 27 percent rated themselves as highly effective in 2016 while 41 percent rated themselves highly effective this year.
“It’s abundantly clear that organizations now understand the benefits provided by threat intelligence, but the overwhelming volume of threat data continues to pose a hurdle to truly effective adoption,” Ponemon Institute Chairman and Founder Dr. Larry Ponemon said in a statement.
“Threat intelligence programs are often challenging to implement, but when done right, they are a critical element in an organization’s security program. The significant growth in adoption over the past year is encouraging as it indicates widespread recognition of the value threat intelligence provides.”
Threat intelligence is being used more effectively over last year’s report. However, the volume of data produced by threat intelligence remains one of the top issues preventing many organizations from using the technology as effectively as they want to.
Seventy percent indicated that threat data is too voluminous or complex to provide actionable intelligence, which is up 1 percent from last year.
Organizations also indicated that there was no progress in the complexity of integrating threat intelligence into their IT infrastructure. Sixty-four percent of organizations in 2017 and 2016 felt that the technology was too time consuming for their current staff.
Over half of respondents in both reports stated that threat analyst activities are not often aligned with operational security events, making it difficult to use the data.
Despite the continued struggles, threat intelligence is still seen as valuable and necessary for organizations that experience a high volume of cybersecurity threats. Many organizations struggle with how to deploy and manage the technology, but they still see the value in having it as part of their IT infrastructure security.
“We all see the growing cybersecurity threats, with attacks routinely making the front page,” Anomali CEO Hugh Njemanze said in a statement. “Every day cyber researchers discover thousands of new threats. Organizations need rapid access to the latest threat intelligence to detect any malicious activity in their networks.”
“In the face of unprecedented volumes of cyber threats, organizations must be able to quickly pinpoint active threats and mitigate them before material damage occurs,” Njemanze continued. “This requires a system that is able to prioritize threat data and turn it into actionable insights.”
The report predicted that organizations will be more successful with threat intelligence in the coming year as long as they identify resources and techniques that will help maximize threat intelligence effectiveness.
This includes hiring qualified threat analysts and taking the time to integrates threat intelligence with other IT infrastructure security systems to ensure the data is as accurate as possible.
By 