Organizations struggle to obtain quality threat data to guide key security decisions

Organizations are often forced to make critical security decisions based on threat data that is not accurate, relevant and fresh, a Neustar report reveals.

Just 60% of cybersecurity professionals surveyed indicate that the threat data they receive is both timely and actionable, and only 29% say the data they receive is both extremely accurate and relevant to the threats their organization is facing at that moment.

Few orgs basing decisions on near real-time data

With regard to the timeliness of threat data, only 27% of organizations are able to base their security decisions on near real-time data, while 25% say they receive updates hourly and another 24% receive updates several times per day.

“With the pandemic exacerbating the sheer volume of threats and the nature of remote workforces creating a broader range of vulnerabilities, it is more critical than ever that organizations have access to actionable, contextualized, near real-time threat data to power the network and application security tools they use to detect and block malicious actors,” said Rodney Joffe, Senior VP, Security CTO, Fellow at Neustar.

“A timely, actionable and highly relevant security threat data feed can help deliver curated insights to security teams, allowing them to better identify and mitigate risks such as malicious domain generation algorithms, suspicious DNS tunneling attempts, sudden activity by domains with little or no history, and hijacked or spoofed domains.”

Greatest concerns for security pros

According to the report, 37% of organizations state that they have been the victim of a successful domain spoofing attempt or domain hacking attempt (31%) within the last 12 months.

Findings from the latest NISC research also highlighted a 12.4-point year-on-year increase in the International Cyber Benchmarks Index. Calculated based on the changing level of threats and impact of cyberattacks, the index has maintained an upward trend since May 2017.

During July and August 2020, system compromise and distributed denial-of-service attacks (both 21%) were ranked as the greatest concerns for security professionals, followed by ransomware (20%) and theft of intellectual property (17%).

During this period, targeted hacking (63%) was most likely to be perceived as an increasing threat to organizations, followed by ransomware and DDoS attacks (both 62%). In this round of the survey, 72% of participating enterprises indicated that they had been on the receiving end of a DDoS attack at some point, compared to an average of 52% over the 20 survey rounds.