Our website makes use of cookies like most of the websites. In order to deliver a personalised, responsive and improved experience, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. These cookies are completely safe and secure and will never contain any sensitive information. By clicking continue here, you give your consent to the use of cookies by our website.

Friday, 13 November 2015 15:32

Threat intelligence identified as investment priority for 2016

Written by 

Businesses are failing to capitalise on a holistic and integrated view of security with performance, skills, and costs remaining their biggest hurdles to adopting threat intelligence  

A new IDC survey on the understanding of threat intelligence found that while most businesses intend to use some form of threat intelligence product and service – a service that understands the threats and tools and techniques an adversary may use - many are hampered by major challenges  around performance and response times (75%), training and expertise (59%), and the costs of tools, maintenance and personnel (52%).

The SecureData sponsored survey, Towards Threat Wisdom, found analytics-based issues are also regarded as a significant hurdle. Correlating events (49%) and reducing false positives / negatives (36%) scored surprisingly high, while two thirds of organisations (66%) plan to invest in Big Data analytics engines, but only a quarter are ready to invest in third-party intelligence products or services.

“Threat intelligence is not simply information,” states Duncan Brown, Research Director, IDC. “It is a service delivering a collated and correlated range of data feeds and sources to provide actionable advice to security operations. Getting this holistic view of security beyond IT is critical to understanding the full context of threat information, but our study suggests firms are taking a somewhat traditional view of intelligence that discounts more innovative developments.”

Crucially, although many organisations collect a substantial amount of information across their IT security infrastructure, they are failing to integrate this with their threat intelligence platform:

  • Less than 60% of respondents integrate data from their firewall or UTM devices
  • Just under half (47%) of the 86% of organisations using an MDM to manage mobile devices integrate the data with their threat intelligence platform
  • Only 34% of firms correlate external data such as threats or attacks on peer companies with their Threat Intelligence platform

Etienne Greeff, CEO of survey sponsors SecureData said “IDC’s findings suggest Chief Information Security Officers are not considering the wider context in which their business operates, either from a physical security and application security perspective, or from a broader industry viewpoint.” Adding, “Nevertheless, the fact they recognise the importance of increased context and intend to invest in such insight as a priority is encouraging as it will enable them to adopt an offensive security posture ­ one that mitigates the ever-expanding attack surface and better protects their infrastructure, applications and valuable information assets."

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.



255x635 banner2-compressed