Critical cybersecurity gaps

49% of survey respondents said their organisations struggle to operationalise and get value from their threat intelligence due to team, tech, and data silos.

  • Wednesday, 17th July 2024 Posted 1 year ago in by Phil Alsop

Cyware has released the findings of its anonymised 2024 Threat Intelligence and Collaboration Survey. Conducted with security professionals at the recent Infosecurity Europe 2024 exhibition, the research reveals that the overwhelming majority of organisations recognise the crucial importance of collaboration and information sharing in the fight against cybercrime, but most struggle to effectively combine insights across teams and security platforms.

Specifically, 91% of respondents said collaboration and information sharing are very important or absolutely crucial for cybersecurity. In addition, 70% believe their organisation could improve threat intelligence sharing, with 19% saying they could share significantly more. However, over half of the research respondents (53%) said their organisation does not currently utilise an Information Sharing and Analysis Centre (ISAC), underlining the shortcomings of the way most security teams approach threat intelligence. Over a quarter (28%) said they were unaware of the existence and role of ISACs altogether. This is despite the proven value ISACs deliver in enabling organisations to manage risk, backed by trusted analysis and effective coordination.

When asked to identify the weakest link in their approach to cybersecurity information sharing and collaboration, over half (51%) said people are the main barrier to improvement, followed by processes (21%) and technologies (11.%). Taking all these factors into account, nearly half of the survey respondents (49%) said that their organisations struggle to combine and derive actionable insights across multiple security tools, such as threat intelligence platforms, SIEM, asset management, and vulnerability management platforms.

Looking at the emerging role of AI in improving or reducing an organisation’s ability to share threat intelligence, 65% thought it would improve their organisation’s ability to share information, with over a third (35%) saying the technology is already having an impact.

Other key research findings include:

70% said their organisations could share more threat intelligence, while only 23% said they are currently sharing the right amount of information. Only 2% thought they were sharing too much.

Asked which teams are least likely to share threat intelligence with other departments, DevOps (31%) emerged as the top answer, followed by Security Ops (17%), Threat Intelligence (16%) and IT Ops (15%).

23% of teams share threat intelligence on a daily basis, 21% in real-time, 17% weekly and 14% monthly.

“The disconnect between teams and the siloed approach taken around the use of security tools poses a serious threat to the delivery of threat intelligence, and by definition, the ability of organisations to protect themselves against today’s cybersecurity risks,” said Terrence Driscoll, Cyware’s Chief Information Security Officer. “What’s required instead is the proactive approach offered by creating virtual and distributed Cyber Fusion Centres where traditionally siloed security functions are scalable and integrated, combining high-fidelity threat intelligence with threat operations for rapid threat response.” 

Abzorb launches a Mobile Masterclass to empower UK channel partners to integrate mobile as a core business offering.

Tool sprawl: The quiet culprit behind MSP burnout

Posted 1 week ago by Aaron Sandhu
A Heimdal study reveals how the proliferation of security tools overwhelms and exhausts North American MSPs, leading to significant operational...
StorONE's platform allows Storage Guardian to consolidate its infrastructure and boost efficiency, dramatically reducing its data centre footprint.

Securing the future: Navigating hybrid cloud challenges

Posted 2 weeks ago by Aaron Sandhu
New research indicates organisations face hurdles in securing applications across diverse cloud environments, highlighting a need for unified...
Flexera introduces a new platform for comprehensive SaaS discovery, optimisation, and control, addressing challenges such as shadow AI and fragmented...
SolarWinds report suggests IT leaders underestimate the impact of broken processes and limited staff.
CISPE appeals Broadcom's VMware acquisition approval, citing competition risks and exclusion of smaller providers.
Red Hat introduces updates to streamline partner interactions, focusing on specialisation and demand generation for enhanced synergy.