November 7, 2016 By Larry Loeb 2 min read

A recent Ponemon Institute report, sponsored by Anomali, titled “The Value of Threat Intelligence,” addressed how organizations use threat information. The study looked at the benefits of this technology and the challenges of integrating it with existing security platforms and solutions.

Valuable Insight

The study suggested that companies value threat intelligence highly, since 77 percent of respondents described it as essential to their organization’s overall security mission. Virtually the same number (78 percent) indicated that a strong cybersecurity posture is a top concern, and another 57 percent noted that it would drive IT decision-making. Only 46 percent of respondents, however, said their IT teams used threat data to decide how to respond to threats.

Additionally, 70 percent of survey participants said their organization struggle to take action based on threat intelligence because the volume is overwhelming or too complex. Just 32 percent said their company’s IT professionals refer to this kind of data to inform senior executives about cyberthreats.

Threat Analysts Wanted

The objective of threat intelligence is to identify things that are out of place or not routinely encountered. That may mean shifting focus to a security strategy that depends on the specific area being investigated, which could require hiring a threat analyst. Indeed, 52 percent of respondents to the Ponemon survey said their companies would need a qualified threat analyst to separate the noise from actionable data.

“There’s too much data to really make sense of if you have a limited resource staff of security operations center analysts or threat analysts,” Travis Farral, the director of security strategy at Anomali, told CSO Online. “It can be overwhelming to sit and figure out which of these 100,000 things to look at first.”

Maximizing Threat Intelligence

Effective threat intelligence requires a solid solution. According to the survey, 79 percent of respondents considered a reliable platform necessary to maximize this data, and another 70 percent of platform users said it helped to pinpoint and prioritize incidents of compromise.

While it may be difficult to integrate threat intelligence into extant business systems, it can also provide information that can’t be found through other means.

More from

Is the water safe? The state of critical infrastructure cybersecurity

4 min read - On September 25, CISA issued a stark reminder that critical infrastructure remains a primary target for cyberattacks. Vulnerable systems in industrial sectors, including water utilities, continue to be exploited due to poor cyber hygiene practices. Using unsophisticated methods like brute-force attacks and leveraging default passwords, threat actors have repeatedly managed to compromise operational technology (OT) and industrial control systems (ICS).Attacks on the industrial sector have been particularly costly. The 2024 IBM Cost of a Data Breach report found the average total…

Cybersecurity trends: IBM’s predictions for 2025

4 min read - Cybersecurity concerns in 2024 can be summed up in two letters: AI (or five letters if you narrow it down to gen AI). Organizations are still in the early stages of understanding the risks and rewards of this technology. For all the good it can do to improve data protection, keep up with compliance regulations and enable faster threat detection, threat actors are also using AI to accelerate their social engineering attacks and sabotage AI models with malware.AI might have…

Cloud threat report: Why have SaaS platforms on dark web marketplaces decreased?

3 min read - IBM’s X-Force team recently released the latest edition of the Cloud Threat Landscape Report for 2024, providing a comprehensive outlook on the rise of cloud infrastructure adoption and its associated risks.One of the key takeaways of this year’s report was focused on the gradual decrease in Software-as-a-Service (SaaS) platforms being mentioned across dark web marketplaces. While this trend potentially points to more cloud platforms increasing their defensive posture and limiting the number of exploits or compromised credentials that are surfacing,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today