Despite the widespread belief that understanding the cyber threat actors who could be targeting their organization is important, 79% of respondents stated that their organizations make the majority of cybersecurity decisions without insights into the threat actor targeting them.
While the report found that 96% of respondents were satisfied with the quality of threat intelligence their organization is using, respondents declared effectively applying that intelligence throughout the security organization to be one of their greatest challenges (47%).
Further, 98% of those surveyed said they need to be faster at implementing changes to their cybersecurity strategy based on available threat intelligence.
Underestimating the threat
According to the survey, 67% of cybersecurity decision-makers believe senior leadership teams still underestimate the cyber threat posed to their organizations, while more than 68% agree their organization needs to improve its understanding of the threat landscape.
However, despite these concerns, security decision-makers remain optimistic regarding the effectiveness of their cyber defenses.
When asked about confidence in whether their organization is fully prepared to defend itself against different cybersecurity events, respondents felt most confident in tackling financially motivated threats, such as ransomware (91%), followed by those conducted by a hacktivist actor (89%) and nation-state actor (83%).
When asked to rank which countries their organization would be unable to fully defend itself against, 57% of respondents said Russia, followed by China (53%), North Korea (52%) and Iran (44%).
Further, 53% of respondents felt they could prove to their senior leadership team that their organization has a highly effective cybersecurity program.
Other key findings:
- Cybersecurity is only discussed on average once every four or five weeks with various departments within organizations, including the board, members of the C-suite and other senior stakeholders. This cadence is even less frequent for groups such as investors, where the average lowers to once every seven weeks.
- Only 38% of security teams share threat intelligence with a wider group of employees for risk awareness.
- 79% of respondents relayed that their organization could focus more time and energy on identifying critical trends.
Taking advantage of available threat intelligence
Sandra Joyce, VP, Mandiant Intelligence at Google Cloud comments: “A conventional, check-the-box mindset isn’t enough to defend against today’s well-resourced and dynamic adversaries. Security teams are outwardly confident, but often struggle to keep pace with the rapidly changing threat landscape. They crave actionable information that can be applied throughout their organization.”
Joyce continued, “As our ‘Global Perspectives on Threat Intelligence’ report demonstrates, security teams are concerned that senior leaders don’t fully grasp the nature of the threat. This means that critical cybersecurity decisions are being made without insights into the adversary and their tactics.”
“Organisations in the UK remain high-value targets for cyber threat actors. With a number of high profile breaches already this year, security professionals are more conscious than ever of the need for better security practices,” said Jamie Collier, Mandiant Senior Threat Intelligence Advisor, EMEA, Google Cloud.
“This research indicates that one of the biggest barriers to building stronger defenses is the sheer volume of information: organizations must find better strategies for putting intelligence into action to regain much-needed focus and identify clear priorities. UK organisations need to put themselves on the front foot, and that can only be achieved by knowing your adversaries, implementing changes at speed, and ensuring cyber risks are communicated effectively amongst all stakeholders,” Collier continued.
The report is based on a global survey of 1,350 cybersecurity decision-makers across 13 countries and 18 sectors – including financial services, healthcare and government.