Gaps Identified In Threat Intelligence Sharing & Collaboration

Uploaded on 2024-07-19 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

A leading provider of threat intelligence management and cyber fusion solutions, Cyware,  has released the findings of its anonymised 2024 Threat Intelligence and Collaboration Survey

Conducted with security professionals at the recent Infosecurity Europe 2024 exhibition, the research reveals that the overwhelming majority of organisations recognise the crucial importance of collaboration and information sharing in the fight against cyber crime, but most struggle to effectively combine insights across teams and security platforms. 

Specifically, 91% of respondents said collaboration and information sharing are very important or absolutely crucial for cybersecurity. In addition, 70% believe their organisation could improve threat intelligence sharing, with 19% saying they could share significantly more. However, over half of the research respondents (53%) said their organisation does not currently utilise an Information Sharing and Analysis Centre (ISAC), underlining the shortcomings of the way most security teams approach threat intelligence. 

  • Over a quarter (28%) said they were unaware of the existence and role of ISACs altogether. This is despite the proven value ISACs deliver in enabling organisations to manage risk, backed by trusted analysis and effective coordination.  
  • When asked to identify the weakest link in their approach to cyber security information sharing and collaboration, over half (51%) said people are the main barrier to improvement, followed by processes (21%) and technologies (11.%). 

Taking all these factors into account, nearly half of the survey respondents (49%) said that their organisations struggle to combine and derive actionable insights across multiple security tools, such as threat intelligence platforms, SIEM, asset management, and vulnerability management platforms.  

Looking at the emerging role of AI in improving or reducing an organisation’s ability to share threat intelligence, 65% thought it would improve their organisation’s ability to share information, with over a third (35%) saying the technology is already having an impact.  Other findings include:-    

  • 70% said their organisations could share more threat intelligence, while only 23% said they are currently sharing the right amount of information. Only 2% thought they were sharing too much. 
  • Asked which teams are least likely to share threat intelligence with other departments, DevOps (31%) emerged as the top answer, followed by Security Ops (17%), Threat Intelligence (16%) and IT Ops (15%). 
  • 23% of teams share threat intelligence on a daily basis, 21% in real-time, 17% weekly and 14% monthly.  

Terrence Driscoll, Cyware’s Chief Information Security Officer commented, "The disconnect between teams and the siloed approach taken around the use of security tools poses a serious threat to the delivery of threat intelligence, and by definition, the ability of organisations to protect themselves against today’s cyber security risks,”

“What’s required instead is the proactive approach offered by creating virtual and distributed Cyber Fusion Centres where traditionally siloed security functions are scalable and  integrated, combining high-fidelity threat intelligence with threat operations for rapid threat response.” Driscoll said.

You Might Also Read: 

Business Is Responding To AI Cyber Security Threats:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« New British Government Will Legislate On Cyber Security
Semiconductor Manufacturing Companies Stocks Fall »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

Graphus

Graphus

Graphus provides a simple, powerful, automated solution that eliminates 99% of social engineering and spear phishing attacks against G Suite business Gmail users.

Sasa Software

Sasa Software

Sasa Software is a cybersecurity software developer specializing in the prevention of file-based network attacks.

ecsec

ecsec

ecsec is a specialized vendor of security solutions including information security management, smart card technology, identity management, cloud computing and electronic signature technology.

National Cyber Security Centre (NCSC) - New Zealand

National Cyber Security Centre (NCSC) - New Zealand

The role of the NCSC is to help New Zealand’s most significant public and private sector organisations to protect their information systems from advanced cyber-borne threats.

Alyne

Alyne

Alyne is a Munich based 2B RegTech offering organisations risk insight capabilities through a Software as a Service.

CIRISK

CIRISK

CIRISK offers a wide range of services from consulting to audit or project management to help you develop your cyber security or information security strategy.

Google for Startups

Google for Startups

Google for Startups is Google’s initiative to help startups thrive across every corner of the world.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

TwoThreeFour

TwoThreeFour

ThreeTwoFour provide tailored cyber security solutions, delivered by highly-skilled, experienced consultants who respond to the real needs of you and your business.

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

Acora

Acora

Acora provide a range of best-in-class managed services, Microsoft-centric business software, and cloud solutions designed to help mid-market organisations succeed in the digital economy.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

Vambrace Cybersecurity

Vambrace Cybersecurity

Vambrace is an experienced cybersecurity consultancy and operations outsourcer helping you to secure your business in an increasingly-hostile cyber environment.