Majority of IT security teams experiencing 'threat overload,' neglect to share security data
Seventy percent of security industry professionals believe threat intelligence is too complex or voluminous to provide actionable insights, according to Ponemon Institute's Threat Intelligence report released today.
Security teams within an organization are unprepared to deliver on threat intelligence: only 46 percent of respondents use threat data to determine how to handle malicious activity. And 73 percent admitted they don't effectively use threat data to pinpoint cyber threats.
Further, the prioritizing malicious activity data is also incredibly difficult for 53 percent of respondents. Another 43 percent of respondents said the data isn't used for their organization's decision making, and 49 percent said their IT team doesn't receive or read threat reports.
Ponemon partnered with Anomali to survey over 1,000 respondents in both the U.S and U.K to determine how organizations prioritize threat intelligence.
"Too much data that is not delivered in the right way can be just as bad as not enough. This is the situation that many companies find themselves in - we call it threat overload," Hugh Njemanze, Anomali's CEO said in a statement.
"The number of threat indicators is skyrocketing and organizations simply cannot cope with the volume of threat intelligence data coming their way," he added. "It's clear what businesses need is a system that pinpoints the threats they must take notice of and that gives them actionable and relevant insights."
To make matters worse, organizations neglect to share essential threat data with board members and C-level executives. Although security issues are now considered a business priority: Only 31 percent of key stakeholders receive information about critical security and risk issues.
According to respondents, the biggest causes for ineffectiveness? A lack of staff expertise (69 percent), lack of ownership (58 percent) and a lack of suitable technologies (52 percent). Furthermore, 70 percent felt it was very difficult or difficult to prioritize threat intelligence without a platform.
On a positive note, the majority of respondents are shifting their priorities to improve their cybersecurity posture; two-thirds of organizations either plan to or already have in place a threat intelligence platform. And 70 percent of organizations plan to improve threat intelligence efficiency in the future.
"Every industry knows that threat intelligence is a key component of any effective defense strategy and, as this survey points out, it has become too overwhelming to deal with," Larry Ponemon, Ponemon's founder and chairman said in a statement.
"Security providers do a great job of gathering and storing data," he continued. "Now, they need to simplify it and make it actionable so that security teams and top executives can make decisions that protect their businesses from surging attacks."