Let Cybersecurity Dive’s free newsletter keep you informed, straight from your inbox.
The report, conducted by the market research firm of Vanson Bourne, examines the value and implementation of threat intelligence across global organizations. The respondents span 13 countries and 18 industries, including financial services to healthcare and government.
Effective threat intelligence can impact detections, inform incident response and help guide network defenders proactively hunt for threats, according to Luke McNamara, Mandiant principal analyst, Google Cloud. Threat intelligence can also help the C-suite and board members gain a better understanding of the threat landscape and how that may impact operations.
“Ultimately, threat intelligence is an input into the security function of an organization, that when properly used and disseminated to the right stakeholders within the organization, helps mitigate business risk,” McNamara said via email.
Oftentimes threat actors are hiding for weeks and months within an organization’s computer systems and if their techniques and behavior patterns are unknown, they can often do tremendous damage before a security team even understands what has taken place.
For example, the SolarWinds supply chain attacks were first disclosed in December 2020, however subsequent research found the threat actors were quietly lurking inside the systems of government agencies and private organizations for more than a year before the attack was officially discovered.
The Mandiant report indicates companies may not always have regular communication with their leadership about current developments.
Cybersecurity is discussed on average every four to five weeks within organizations, including with the C-suite, board members and other senior stakeholders. Cybersecurity discussions are less frequent with other groups, such as investors, taking place on average every seven weeks.
Correction: This article has been updated to reflect the supply chain attacks targeting SolarWinds took place in 2020.
Get the free daily newsletter read by industry experts
The scale of cyberthreats are growing, spilling into the mainstream. In 2023, expect the spotlight to add pressure to businesses that have underinvested in security.
CISOs are up against talent shortages and retention concerns amid an increasingly sophisticated threat landscape.
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
The scale of cyberthreats are growing, spilling into the mainstream. In 2023, expect the spotlight to add pressure to businesses that have underinvested in security.
CISOs are up against talent shortages and retention concerns amid an increasingly sophisticated threat landscape.
The free newsletter covering the top industry headlines
Leave a Reply