Threat intelligence adoption trends & challenges

Image via Freepik

According to a new study, most enterprise IT security managers rely on threat intelligence to reduce cyber risk yet still lack the necessary skills and resources. Threat intelligence helps to reduce vulnerability risk to optimize security posture, removing blind spots and providing visibility.

The latest results of Vulcan Cyber's ongoing research into vulnerability risk management initiatives and risk impact on business operations finds that 75% of organizations have dedicated threat intelligence teams, and two-thirds have dedicated threat intelligence budgets.

Despite this, 73% of respondents indicated a "lack of skills" is their biggest threat intelligence challenge and is keeping organizations from fully leveraging investments in threat intelligence resources. Fifty-five percent of respondents identified threat intelligence as not being sufficiently predictive to keep cyber teams ahead of threat actors.

Conducted by Gartner Pulse, the latest Vulcan Cyber vulnerability management survey surveyed 100 information security, vulnerability management and threat intelligence executives and practitioners to examine the effectiveness of threat intelligence sources as part of an integrated cyber risk and vulnerability management program designed to reduce risk and improve cyber hygiene.

According to the latest survey, threat intelligence is crucial for ongoing vulnerability detection and prioritization. In fact, 87% of decision-makers rely on threat intelligence "often or very often" for vulnerability prioritization. More than 90% of organizations rate their ability to respond based on threat intelligence as average or better.

Melissa Bischoping, Director, Endpoint Security Research at Tanium, says, "Threat intelligence can be a powerful source of data to help prioritize 'what do we fix first.' Every organization has to make strategic choices about which vulnerabilities to patch first and which solutions to modernize at what cost. Threat intelligence is an absolutely critical piece of how you make those decisions in the context of both your unique environment AND the changing pace of the cyber threat landscape."

Other key findings from the Vulcan Cyber survey include:

Threat intelligence adoption is increasing as more companies have dedicated teams (75%) and budgets (66%).
Organizations use threat intelligence on an ongoing and frequent basis, with 75% of respondents using threat intelligence at least weekly.
Threat intelligence is used in various ways, but primarily for "traditional cybersecurity," like blocking bad IPs.
Seventy-three percent of managers indicate that a lack of skills to leverage threat intelligence is a key problem.
Fifty-five percent of respondents said their threat intelligence data is not predictive enough.

"It is good that we're seeing such extensive adoption of threat intelligence feeds by so many different types of cyber teams," said Yaniv Bar-Dayan, CEO and co-founder of Vulcan Cyber. "It's even more encouraging to see the share of organizations that have dedicated teams and budgets to act upon those findings. Nonetheless, a concerted effort to scale our ability to respond with precision will be correspondingly more crucial as cloud-native environments grow more complex. Teams don't just need tools and people, they need skills and the ability to use the tools at their disposal to improve the security posture of their organizations."

For more information, visit www.vulcancyber.com.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.