The value of threat intelligence

When it comes to understanding how a hacker penetrated the corporate network, nearly a quarter (23 percent) had no insight on which channel a breach occurred, according to DomainTools.

Despite the 66 percent year-over-year increase in cyberattacks since 2009, nearly 50 percent of respondents do not currently have a threat intelligence solution. In fact, a number of the organizations surveyed declared they were unlikely to act until after a major breach has occurred.

For many, cost is the main blocking issue with 60 percent of organizations concerned about the expense of implementing a threat intelligence platform to mitigate a “potential” breach before it happens. As a result, when these organizations are attacked, the majority of respondents don’t learn about the attempt or incursion for weeks or months after it occurred – leaving their entire network vulnerable the whole time.

“There’s a perception that threat intelligence solutions are too expensive for the average organization to leverage, leaving many companies poorly armed to fight the growing cyberthreat spectra,” said Tim Chen, CEO of DomainTools. “But as the report confirms, 82 percent of organizations would utilize threat intel most or all of the time if it were provisioned internally. DomainTools, with products like our new Iris threat intelligence platform, is working hard to change the economics of cyber protection by bringing to market solutions that are more cost-effective and easier to implement and use.”

Key findings in the report include:

  • A strong majority of identified attacks continue to come from either email or website navigation, making DNS (in the form of email or web domains and IP addresses) a key component for attack execution.
  • Only 1 percent of organizations would not use a threat intelligence solution if it were made available to them.
  • If given a modest budget increase, only 21 percent said they would invest in staffing, while 70 percent would choose either infrastructure, SIEM or threat intelligence.

The survey was comprised of over 120 qualified security/business executives at companies with an average of 20,000 employees, where the majority had experienced a data breach over the past 12 months.