Threat Intelligence Sharing Valued, But Many Not Doing it: Survey

Wednesday, May 27, 2015

Brian Prince

0ead717779244d9aab5c1699308850d2

Enterprises may largely agree that threat intelligence is important, but few are doing any actual sharing themselves, according to a new survey.

According to a survey by Enterprise Strategy Group (ESG), while 94 percent of the more than 300 IT professionals surveyed believe it is either highly or somewhat valuable to share threat intelligence between federal agencies and the private sector, only 37 percent actually share internally-driven threat intelligence with other companies or Information Sharing and Analysis Centers (ISACs).

"There is clearly an understood value in leveraging threat data, but organizations are finding it difficult to collect, analyze and pinpoint critical threats," said Jon Oltsik, ESG senior principal analyst, in a statement.

Earlier this year, a separate study by the Ponemon Institute revealed a similar finding. In that survey, organizations expressed overwhelming support for threat intelligence, with 80 percent of those that had experienced a breach during the past two years stating that threat intelligence would have prevented or minimized the consequences of the attack. However while 45 percent of respondents said they are increasing the amount of intelligence data they receive, just nine percent classified the accuracy of that intelligence as "very reliable."

"According to our research, automation is needed for organizations to wade through the mass of alerts they receive, and standards are needed for the secure sharing of threat intelligence," Oltsik said.

Read the rest of this article on SecurityWeek.com.

7514
Budgets Enterprise Security Policy Security Awareness Security Training
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.