According to the recently released Ponemon Institute Threat Intelligence report, 70% of security professionals believe threat intelligence is too complex to provide insights that can be acted upon. Ponemon and Anomali surveyed over 1,000 respondents in both the US and UK to gain insight into how their organizations utilize threat intelligence. The report found that security teams are often unprepared to deliver on threat intelligence:
46% of respondents said they use threat data to determine how to handle malicious activity.
73% reported that they don’t use threat data to effectively pinpoint cyber threats.
53% of respondents said that prioritizing malicious data activity is difficult.
43% said that threat intelligence data is not used in their decision making processes.
49% reported that their IT teams don’t receive or read threat reports.
CEO of Anomali, Hugh Njemanze said, “Too much data that is not delivered in the right way can be just as bad as not enough. This is the situation that many companies find themselves in – we call it threat overload. The number of threat indicators is skyrocketing and organizations simply cannot cope with the volume of threat intelligence data coming their way. It’s clear what businesses need is a system that pinpoints the threats they must take notice of and that gives them actionable and relevant insights.”
To make things worse, the report also found that organizations are neglecting to share threat intelligence data with executives and board members. In fact, only 31% of key stakeholders receive information regarding critical security and risk issues.
Ponemon founder and chairman Larry Ponemon concluded, “Security providers do a great job of gathering and storing data. Now, they need to simplify it and make it actionable so that security teams and top executives can make decisions that protect their businesses from surging attacks.”