Sharing cyber intelligence can prevent security breaches

A SANS Institute survey has revealed that sharing cyber threat intelligence will drastically improve cyber defence methods within organisations

Cyber shield

At boardroom level they seem to not understand threat intelligence, according to the report

Cyber collaboration, or sharing cyber threat intelligence can help prevent cyber security breaches.

Businesses have entered the digital age, and this increased connectivity is dangerous.

According to PricewaterhouseCoopers, over half of British businesses will suffer cyber attacks by 2018.

The cyber threat is growing, and high profile data breaches resulting from cyber attacks have dominated tech headlines in recent years.

There are solutions.

>See also: Advanced cyber threats, demystified

Sharing cyber threat intelligence helps companies to reduce security breaches and the exposure of sensitive data, according to a survey carried out by SANS Institute.

71% of the respondents said that access to shared threat intelligence gave them improved visibility into threats.

Alarmingly, however, only 40% are actively contributing to threat intelligence, with most just passively consuming information.

This is the problem. There doesn’t appear to be a collective will to share this information, which in turn will provide immense cyber defence and prevention benefits.

Almost half (48%) said that cyber threat intelligence (CTI) helps to reduce breaches (actual exposure of sensitive data, business outage).

Again, there is a problem, identified by the report, holding this solution back.

There is a lack of talent, with 35% of respondents citing a lack of trained staff and skills as a hindrance to implementing CTI effectively.

>See also: The 2016 cyber security roadmap

Where does the problem lie? Why aren’t these cyber threat solutions being utilised?

The report suggests the issue lies in the management tier of organisations. At boardroom level they seem to not understand threat intelligence, according to the report.

35% said that a lack of management buy-in was stopping them from implementing CTI effectively – this figure increased from 11% in 2015.

Commenting on this report, Javvad Malik, security advocate at AlienVault, explains: “Cyber security is a regular staple of the news agenda but management tiers still don’t understand the value of threat intelligence, or how it can transform their organisation’s ability to defend against data breaches. The fact that this trend has worsened so significantly from the previous year paints a worrying picture for the future of our industry.”

>See also: How businesses can hunt for cybercriminals

The problem with this problem is that there is no recognised universal infrastructure for sharing cyber threat intelligence.

Nearly three quarters of security teams (74%) using threat intelligence are acquiring this information from industry and community sharing groups, such as the AlienVault Open Threat Exchange (OTX).

There appears to be a stigma surrounding sharing cyber threat information, because there is a worry sensitive company information could be exposed in the process.

“While this is a legitimate concern for many,” said Malik, “it shouldn’t be a stopping point – many items such as hash values, suspicious IP addresses and domain names are shareable with relative ease and without exposing any internal information”.

Comments (0)