Organisations “rapidly embracing cyber threat intelligence” to combat growing security concerns

In partnership with The Ponemon Institute, Anomali has now published the third annual report on the cyber threat intelligence sector. The report reveals the continued widespread adoption of threat intelligence, with 79% of North American respondents, for example, indicating that they now leverage intelligence in security programmes. Despite this rapid adoption, though, the level of effectiveness still lags, with only 41% of respondents claiming to be effective with their intelligence programmes.

‘The Value of Threat Intelligence: Annual Study of North American and UK Companies’ surveyed over 1,000 IT and security practitioners to evaluate threat intelligence usage, benefits and challenges. The survey found that 85% rate threat intelligence as being highly important to security operations. While phishing attacks are most worrisome for 25% of respondents, they’re most time-consuming for nearly twice as many respondents (45%). Data volumes continue to strain detection capabilities. There’s too much internal traffic, too many threat indicators to track, too many false positives and a lack of historical data to perform investigations.

“For the third straight year we’ve seen threat intelligence use by enterprises consistently grow across the US and the UK,” said Dr Larry Ponemon, chairman and founder of The Ponemon Institute. “During this period, we’ve also seen rapid growth in attack frequency and the need for security teams to improve their detection capabilities. Threat intelligence offers the promise to identify attacks earlier and respond more effectively.”

The report examines in detail the barriers to more successful adoption of threat intelligence and provides recommendations for organisations looking to augment threat detection and response capabilities. The rise of phishing attacks is taxing often understaffed security teams, the constituent members of whom must now analyse, investigate and respond to myriad threats daily, often at the expense of the deeper investigation of more sophisticated and targeted attacks. This points towards the overriding need for greater automation and prioritisation of serious threats.

“Threat intelligence offers security teams detectable ‘fingerprints’ of malicious actors,” said Dan Barahona, chief marketing officer at Anomali. “When properly leveraged, this intelligence can reveal serious attacks at their earliest stages. Our research with The Ponemon Institute confirms this value, while uncovering the challenges organisations now face when it comes to fully operationalising threat intelligence.”

*A full report is available for download including detailed statistics on the effectiveness gap, eight Best Practice tips from top performing cyber threat intelligence organisation and comprehensive statistics from this year’s report. Download the document at:

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts