Welcome!

News Feed Item

Second Annual Ponemon Report Finds Threat Intelligence Critical to Strong Security Posture

Organizations Continue to Struggle with Insufficient Expertise, Data Overload, Inadequate Threat Sharing

REDWOOD CITY, CA -- (Marketwired) -- 09/14/17 -- Anomali today released the findings of its second annual Ponemon Institute study, highlighting the increasing importance of threat intelligence in detection and mitigation of cybersecurity threats. Amidst growing concerns of large-scale cyber attacks, the survey found that 84 percent of organizations indicated threat intelligence is "essential to a strong security posture." However, many organizations struggle with an overwhelming amount of threat data and lack of staff expertise, which diminish the effectiveness of their threat intelligence programs. Threat sharing remains a key priority for organizations, half of which report participating in sharing communities, but a majority of these organizations (60 percent) only receive community intelligence and do not contribute.

"The Value of Threat Intelligence: The Second Annual Study of North American and United Kingdom Companies" surveyed over 1,000 IT and security practitioners to examine trends in the benefits and challenges of threat intelligence. The results uncovered year over year growth across several critical areas of threat intelligence usage, including increased adoption and effectiveness. Key findings include:

  • 80 percent of North American organizations are currently using threat intelligence as a part of their cybersecurity program, up from 65 percent in 2016
  • 86 percent of respondents indicate threat intelligence is valuable to their security mission, up from 77 percent the previous year
  • 83 percent of North American respondents indicate a Threat Intelligence Platform (TIP) is necessary to maximize the value of intelligence data

"It's abundantly clear that organizations now understand the benefits provided by threat intelligence, but the overwhelming volume of threat data continues to pose a hurdle to truly effective adoption," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "Threat intelligence programs are often challenging to implement, but when done right, they are a critical element in an organization's security program. The significant growth in adoption over the past year is encouraging as it indicates widespread recognition of the value threat intelligence provides."

Organizations Still Struggle to Maximize the Value of Threat Intelligence
The Ponemon report revealed that despite overall improvement in threat intelligence usage, threat data overload continues to plague organizations. Sixty-nine percent of respondents indicated that threat intelligence is too voluminous and complex to provide actionable intelligence. Other respondents cited difficulty in the integration of threat intelligence platforms with other security technologies and tools (64 percent), and a lack of alignment between analyst activities and operational security events (52 percent). Additionally, 71 percent of organizations fail to keep more than three months of historical event logs online, posing a significant challenge in identifying existing threats within the organization.

Other top reasons for threat intelligence ineffectiveness include:

  • Lack of staff expertise (71 percent of respondents)
  • Lack of ownership (52 percent of respondents)
  • Lack of suitable technologies (48 percent of respondents)

"We all see the growing cybersecurity threats, with attacks routinely making the front page. Every day cyber researchers discover thousands of new threats. Organizations need rapid access to the latest threat intelligence to detect any malicious activity in their networks," said Hugh Njemanze, CEO of Anomali. "In the face of unprecedented volumes of cyber threats, organizations must be able to quickly pinpoint active threats and mitigate them before material damage occurs. This requires a system that is able to prioritize threat data and turn it into actionable insights."

External threat sharing also remains limited. Only 50 percent of respondents currently participate in industry-centric sharing initiatives such as Information Sharing & Analysis Centers (ISACs), which provide industry-relevant intelligence, collaboration with peers and networking with other security teams. Of those organizations, the majority (60 percent) only receive threat intelligence through ISACs but do not contribute intelligence. The biggest hurdles to outbound intelligence sharing include a lack of expertise (54 percent) followed by fear of revealing a breach (45 percent).

The Right Technology and Expertise Make Threat Intelligence Meaningful
In response to these challenges, many organizations have successfully identified a variety of resources and techniques to help maximize the effectiveness of their threat intelligence, including:

  • Deploying a threat intelligence platform (80 percent of respondents)
  • Integrating SIEM with a threat intelligence platform (65 percent of respondents)
  • Having a qualified threat analyst on staff (54 percent of respondents)

To download a copy of "The Value of Threat Intelligence: The Second Annual Study of North American and United Kingdom Companies," and listen to a podcast interview with the report's author, Larry Ponemon, please visit: www.anomali.com/ponemon

Learn more about Anomali products: www.anomali.com/platform
Follow us on Twitter: https://twitter.com/Anomali
Follow us on LinkedIn: https://www.linkedin.com/company/10505212/

About Anomali
The Anomali suite of threat intelligence solutions empowers organizations to detect, investigate and respond to active cybersecurity threats. The award-winning ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a "cyber no-fly list." Anomali integrates with internal infrastructure to identify new attacks, or search forensically over the past year to discover existing breaches, and enables security teams to quickly understand and contain threats. Anomali also offers STAXX, a free tool to collect and share threat intelligence, and provides a free, out of the box intelligence feed, Anomali Limo. To learn more, visit www.anomali.com and follow us on Twitter: @Anomali.

Press Contact
Nicole Pitaro
Bhava Communications for Anomali
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/.
Most of the time there is a lot of work involved to move to the cloud, and most of that isn't really related to AWS or Azure or Google Cloud. Before we talk about public cloud vendors and DevOps tools, there are usually several technical and non-technical challenges that are connected to it and that every company needs to solve to move to the cloud. In his session at 21st Cloud Expo, Stefano Bellasio, CEO and founder of Cloud Academy Inc., will discuss what the tools, disciplines, and cultural...
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp em...
Real IoT production deployments running at scale are collecting sensor data from hundreds / thousands / millions of devices. The goal is to take business-critical actions on the real-time data and find insights from stored datasets. In his session at @ThingsExpo, John Walicki, Watson IoT Developer Advocate at IBM Cloud, will provide a fast-paced developer journey that follows the IoT sensor data from generation, to edge gateway, to edge analytics, to encryption, to the IBM Bluemix cloud, to Wa...
With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In his session at @DevOpsSummit at 21st Cloud Expo, Chris Van Tuin, Chief Technologist, NA West at Red Hat, will discuss: The top security r...
There is huge complexity in implementing a successful digital business that requires efficient on-premise and cloud back-end infrastructure, IT and Internet of Things (IoT) data, analytics, Machine Learning, Artificial Intelligence (AI) and Digital Applications. In the data center alone, there are physical and virtual infrastructures, multiple operating systems, multiple applications and new and emerging business and technological paradigms such as cloud computing and XaaS. And then there are pe...
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
DevOps at Cloud Expo – being held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real r...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Your clients expect transactions to never fail, cloud access to be fast and always on, and their data to be protected - no exceptions. Hear about how Secure Service Container (SSC), an IBM-exclusive open technology, enables secure building and hosting of next-generation applications, both cloud and on-premises. SSC protects the full stack from external and insider threats, allows automatic encryption of data in-flight and at-rest, and is tamper-resistant during installation and runtime – with no...
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...