Threat data accuracy in question

New research suggests many organisations struggle to obtain high-quality threat data to guide key security decisions.

  • Monday, 26th October 2020 Posted 4 years ago in by Phil Alsop
Neustar has released a new report from the Neustar International Security Council (NISC) which shows that organisations are often forced to make critical security decisions based on threat data that is not accurate, relevant and fresh.

 

Just 60% of cybersecurity professionals surveyed indicate that the threat data they receive is both timely and actionable, and only 29% say the data they receive is both extremely accurate and relevant to the threats their organisation is facing at that moment. With regard to the timeliness of threat data, only 27% of organisations are able to base their security decisions on near real-time data, while 25% say they receive updates hourly and another 24% receive updates several times per day.

 

“With the pandemic exacerbating the sheer volume of threats and the nature of remote workforces creating a broader range of vulnerabilities, it is more critical than ever that organisations have access to actionable, contextualised, near real-time threat data to power the network and application security tools they use to detect and block malicious actors,” said Rodney Joffe, chairman of NISC and security CTO, senior vice president and fellow at Neustar. “A timely, actionable and highly relevant security threat data feed can help deliver curated insights to security teams, allowing them to better identify and mitigate risks such as malicious domain generation algorithms, suspicious DNS tunnelling attempts, sudden activity by domains with little or no history, and hijacked or spoofed domains.”

 

According to the report, approximately one-third of organisations state that they have been the victim of a successful domain spoofing attempt (37%) or domain hacking attempt (31%) within the last 12 months.

 

Findings from the latest NISC research also highlighted a 12.4-point year-on-year increase in the International Cyber Benchmarks Index. Calculated based on the changing level of threats and impact of cyberattacks, the index has maintained an upward trend since May 2017.


During July and August 2020, system compromise and distributed denial-of-service attacks (both 21%) were ranked as the greatest concerns for security professionals, followed by ransomware (20%) and theft of intellectual property (17%). During this period, targeted hacking (63%) was most likely to be perceived as an increasing threat to organisations, followed by ransomware and DDoS attacks (both 62%). In this round of the survey, 72% of participating enterprises indicated that they had been on the receiving end of a DDoS attack at some point, compared to an average of 52% over the 20 survey rounds.