Connect with us

Hi, what are you looking for?

HEADLINES

IT security leaders lean on external support for most aspects of threat intelligence

IT security leaders seeking to boost internal threat intelligence (TI) programs would prefer to delegate five out of eight major TI aspects to external vendors rather than develop them in-house.

According to a commissioned survey conducted by Forrester Consulting on behalf of Kaspersky, IT security leaders seeking to boost internal threat intelligence (TI) programs would prefer to delegate five out of eight major TI aspects to external vendors rather than develop them in-house. For most respondents, quicker threat detection, remediation and response are the main advantages of using external solutions.

Threat intelligence has become a must-have for incidents prevention and an important area for organizations to invest in. At the same time, this new specialty remains challenging for IT security teams because it requires constant tracking, analyzing, and interpreting of large amounts of fragmented data in addition to regular reevaluation and adjusting of appropriate skills, sources and tools. 

The new study, evaluating threat intelligence practices among firms with mature cyber security functions, revealed that although 83% of decision-makers recognize the crucial role of threat intelligence in building a resilient cybersecurity program and plan to invest in the area, TI remains a challenging specialty for all firms. 

Close to two-thirds of IT security leaders (64%) said their firm struggles to align their threat intelligence program with their risk management program, and 62% face difficulties implementing measurement procedures to track threat intelligence effectiveness. 

Advertisement. Scroll to continue reading.

Other major concerns include improving knowledge of the threat landscape, prioritizing multiple stakeholder requirements for information, and identifying gaps in data.

To tackle these challenges and improve their threat intelligence program, IT security decision-makers plan to implement a range of measures internally and leverage vendors’ offerings. Respondents believe it is more efficient to lean on external vendors for the majority of TI needs. 

Six in ten (61%) would put support in place for processing raw intelligence information, 60% for collecting human intelligence, and 59% for integrating data feeds with other security tools. However, firms still prioritize developing in-house capabilities for choosing and aggregating data sources.

The top two benefits of using vendors’ support are quicker threat detection, remediation and response (56%) and improved efficiency with automated reporting processes (52%). About half of respondents also said external solutions can reduce the number of breaches and lower associated costs.

“Threat intelligence program strengthens a company’s defense, contributing to visibility over the threat landscape by providing relevant and applicable insights. Facilitating threat intelligence processing and analysis it enables companies to make timely and fully-informed decisions. However, evaluating TI services and choosing among the innumerable available market options is another challenge that confronts IT security teams,” comments Artem Karasev, Product Marketing Lead, Corporate Product Marketing at Kaspersky. 

“Our experience in threat research suggests that while there are virtually no criteria perfectly applicable for all organizations, the guiding principle for choosing external threat intelligence sources should be quality over quantity,” adds Karasev.

Advertisement. Scroll to continue reading.

Kaspersky suggests paying special attention to the following points when evaluating external threat intelligence solutions: 

  • Information sources the vendor uses: vendors that aggregate information from around the world can provide more visibility over actual threats and efficiently correlate fragmented activities.
  • Capability to provide context: contextual data helps reveal the “bigger picture”, further validating and supporting the wide-ranging uses of the data. Relationship context, such as domains associated with the detected IP addresses or URLs for where the file was downloaded from, etc., boosts incident investigation and supports better incident ‘scoping’ by uncovering newly acquired related Indicators of Compromise in the network.
  • Compatibility with existing solutions: an examination of vendor’s delivery methods and integrations systems ensures smooth integration of threat intelligence into existing security operations.
  • Vendor’s experience: proven track record of threats investigation ensures the efficacy of proposed solutions. 

The full study Mature Threat Intelligence to Build Resilient Cybersecurity Programs is available via the link. 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

This work aims to address the challenges young people face when living different lives in the real world versus online, as two-thirds (67%) of...

HEADLINES

Customers can get up to P5,000 cashback when they apply for a new UnionBank Credit Card and use their new card to pay for...

HEADLINES

Offering best-in-class service that sets the standard for a premium digital lifestyle, Smart Infinity’s postpaid offers—plans 3500, 5000, and 8000—come with Unlimited data, Unlimited...

HEADLINES

LG Electronics (LG) is currently hosting the inaugural LG HVAC Consultant Leaders’ Summit – LG Alumni Event – in Seoul, South Korea (May 28-31)....

HEADLINES

Maya's research reveals that 59% of its borrowers are accessing credit for the first time through Maya, highlighting the platform's role as a crucial...

HEADLINES

The Digital Bank Association of the Philippines (DiBA PH) reiterated this commitment during a significant roundtable discussion with H.M. Queen Máxima of the Netherlands,...

HEADLINES

Through international remittance service providers like Western Union, Ria, Remitly, and MoneyGram, Filpinos overseas can securely send money straight to the GCash accounts of...

Biz Solutions

The collaboration between HP and Canva aims to benefit both HP Print Service Providers (PSPs) and the Canva community worldwide, enabling anyone creating visual...

Advertisement