Gaps Identified In Threat Intelligence Sharing & Collaboration

Uploaded on 2024-07-19 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

A leading provider of threat intelligence management and cyber fusion solutions, Cyware,  has released the findings of its anonymised 2024 Threat Intelligence and Collaboration Survey

Conducted with security professionals at the recent Infosecurity Europe 2024 exhibition, the research reveals that the overwhelming majority of organisations recognise the crucial importance of collaboration and information sharing in the fight against cyber crime, but most struggle to effectively combine insights across teams and security platforms. 

Specifically, 91% of respondents said collaboration and information sharing are very important or absolutely crucial for cybersecurity. In addition, 70% believe their organisation could improve threat intelligence sharing, with 19% saying they could share significantly more. However, over half of the research respondents (53%) said their organisation does not currently utilise an Information Sharing and Analysis Centre (ISAC), underlining the shortcomings of the way most security teams approach threat intelligence. 

  • Over a quarter (28%) said they were unaware of the existence and role of ISACs altogether. This is despite the proven value ISACs deliver in enabling organisations to manage risk, backed by trusted analysis and effective coordination.  
  • When asked to identify the weakest link in their approach to cyber security information sharing and collaboration, over half (51%) said people are the main barrier to improvement, followed by processes (21%) and technologies (11.%). 

Taking all these factors into account, nearly half of the survey respondents (49%) said that their organisations struggle to combine and derive actionable insights across multiple security tools, such as threat intelligence platforms, SIEM, asset management, and vulnerability management platforms.  

Looking at the emerging role of AI in improving or reducing an organisation’s ability to share threat intelligence, 65% thought it would improve their organisation’s ability to share information, with over a third (35%) saying the technology is already having an impact.  Other findings include:-    

  • 70% said their organisations could share more threat intelligence, while only 23% said they are currently sharing the right amount of information. Only 2% thought they were sharing too much. 
  • Asked which teams are least likely to share threat intelligence with other departments, DevOps (31%) emerged as the top answer, followed by Security Ops (17%), Threat Intelligence (16%) and IT Ops (15%). 
  • 23% of teams share threat intelligence on a daily basis, 21% in real-time, 17% weekly and 14% monthly.  

Terrence Driscoll, Cyware’s Chief Information Security Officer commented, "The disconnect between teams and the siloed approach taken around the use of security tools poses a serious threat to the delivery of threat intelligence, and by definition, the ability of organisations to protect themselves against today’s cyber security risks,”

“What’s required instead is the proactive approach offered by creating virtual and distributed Cyber Fusion Centres where traditionally siloed security functions are scalable and  integrated, combining high-fidelity threat intelligence with threat operations for rapid threat response.” Driscoll said.

You Might Also Read: 

Business Is Responding To AI Cyber Security Threats:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« New British Government Will Legislate On Cyber Security
Semiconductor Manufacturing Companies Stocks Fall »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

British Assessment Bureau

British Assessment Bureau

The British Assessment Bureau is an ISO certification body. We check conformity and compliance of companies to recognised ISO standards including ISO 27001.

InfoSec World

InfoSec World

InfoSec World conference and expo covers all aspects of information security with a broad agenda of sessions on key security issues.

7 Elements

7 Elements

7 Elements is an independent IT security testing company providing expertise in technical information assurance through security testing, incident response and consultancy.

Cellopoint

Cellopoint

Cellopoint is a leading manufacturer of information security and email lifecycle management (ELM) products.

XM Cyber

XM Cyber

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

Serbus

Serbus

Serbus Secure is a fully managed suite of secure communication, enterprise mobility and mobile device security tools.

ERCOM

ERCOM

Ercom, a subsidiary of the Thales Group, is a French company known for its mobility security solutions.

Aegis9

Aegis9

Aegis9 is an Australian owned and sovereign consultancy that specialises in providing tailored security solutions for both public and private sector clients based on their specific needs.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.