Security platform provider ThreatConnect’s latest survey, entitled ‘Building A Threat Intelligence Programme’, reports that cyber security decision-makers inside organisations with mature threat intelligence programs (70%) say their infrastructure has blocked threats to the business that would have otherwise cost them a significant amount of money. On average, an estimated £6 million has been saved in the last 12 months.
The study surveyed 350 cyber security decision-makers in UK organisations, three-in-five (61%) of which boast annual revenues over £50 million. When asked the most important factors for evaluating the success of a threat intelligence programme, organisational leaders pointed to the protection of client information (76%), removing risks faced due to cyber crime activities (56%), preventing service interruptions for core business functions (49%) and protecting the monetary assets of the business (47%).
Highly-publicised attacks are serving as a wake-up call for British businesses. More than one-in-four cyber security decision-makers say their organisations made changes to their threat intelligence programmes due to highly-publicised threats such as WannaCry and Heartbleed. Sharing data with Government groups is also a priority for many UK organisations. More than two-in-five cyber security decision-makers report the sharing of malware data, ransomware data or general threat data with Government groups or NGOs.
There are differing viewpoints among organisational leaders and those executing day-to-day operations when it comes to the rate of success in preventing cyber attacks. Organisational leaders are more likely than senior management to say their organisation’s threat intelligence programme successfully prevents attacks including phishing attacks (80% versus 52%), ransomware (74% versus 49%) and breaches of customer data (65% versus 37%) most of the time.
“Cyber security has become a major risk factor for businesses in every sector,” said Adam Vincent, ThreatConnect’s CEO. “There’s a huge amount of money at stake, not just in terms of direct theft, but also in the form of Government fines for improper data handling. Companies that don’t have a clear view of their network and how it could be at risk are in danger of a serious financial impact. An effective threat intelligence programme can help to equip security teams in identifying the most relevant threats, make decisions on how to defend themselves sooner and quickly respond to incidents in a measurable way.”
*A global report of the survey results may be downloaded at https://www.threatconnect.com/wp-content/uploads/ThreatConnect-Building-a-Threat-Intelligence-Programme-UK.pdf