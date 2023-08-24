CRA Survey: Threat Intelligence Tools No Longer Optional
Early-warning attack feeds and actionable reporting are indispensable features in any threat intelligence programNEW YORK, NEW YORK, UNITED STATES, August 24, 2023/EINPresswire.com/ -- Early, actionable access to credible intelligence is critical amid today’s rapidly changing threat landscape, according to 210 security and IT leaders and executives, practitioners, administrators, and compliance professionals surveyed by CyberRisk Alliance last month. As a result, they now consider threat intelligence tools as essential and are working to acquire more of them.
“Threat intelligence has discovered gaps in our organization’s security architecture and has allowed us to reconfigure our site networks to prevent mass attacks from impacting multiple parts of the organization,” said one respondent.
Key takeaways of the report:
• Respondents crave automated threat intelligence that can anticipate and take immediate action on threats. Fifty-six percent say automated threat detection and response merits must-have status. Having an early warning feed of the newest attacks (80%) and actionable reporting with relevant context (78%) are broadly seen as indispensable features in any threat intelligence program.
• Threat intelligence is largely geared toward improving incident response and internal awareness. Sixty-five percent say threat data is used to improve incident response, versus 50% who say it is used to inform proactive threat hunting. Threat data is primarily collected from internal network traffic versus external sources like the dark web.
• Threat intelligence helps inform proactive policies and updating of threat models. Threat intelligence “helps us develop proactive defense strategies to prevent attacks before they occur,” said one respondent. Many others credited threat intelligence with raising awareness of vulnerabilities and blind spots requiring attention.
• Complex tech stacks and inadequate integrations are a constant challenge to threat intelligence efficacy. Many report challenges when it comes to integrating various security products and data feeds. This results in data that is frequently unreliable, incomplete, or low-quality.
