Content, Content

Report: Threat Intelligence Programs Save Businesses Big Money

Organizations deploying a threat intelligence solution to combat cybercrime saved on average $8.8 million over a 12-month period, a new study found.

ThreatConnect sponsored the research, which queried 351 cybersecurity decision makers on how their organizations are using threat intelligence to shore up their defenses. The resulting report, entitled Building a Threat Intelligence Program, found that the respondents with more mature platforms are using it to aggregate and monitor data in one place.

A fully mature threat intelligence program appears to be the key to successfully withstanding cyber attacks. Decision makers surveyed sporting such technology said that it prevented phishing attacks (72%), ransomware attacks (65%) and business email compromise (67%), according to the research findings.

In the larger view, more than 50 percent of the organizations in the study, irrespective of a mature platform or size, with a threat intelligence system in place said they’ve prevented phishing attacks (67%), ransomware attacks (58%), breach of customer data (60%), insider threats (57%), business email compromise (55%), and supply chain attacks (49%).

A lack of trained security pros on staff continues to plague companies in the survey. More than 70 percent of all respondents agree at some level that they do not have the staff or resources to monitor all cybersecurity threats. Roughly 30 percent of cybersecurity decision makers whose outfits have fully mature threat intelligence programs said they don’t have the staff or resources to monitor all cybersecurity threats they face.

Additional key findings include:

Oh oh. Only 12 percent of the respondents said avoiding embarrassing, public disclosures of information is a top-three factor when evaluating the success of a threat intelligence program.

What’s important? Guarding personal client information (67%), removing risks faced from cyber-crime activities (59%), and protecting monetary assets of the organization (53%) are the primary considerations.

Industry. In companies that have threat intelligence programs, cybersecurity decision makers in telecom and communications (90%), retail and consumer product goods (86%), hi-tech (79%), and banking and finance (71%) said that their organizations’ threat intelligence programs blocked threats within the last year that otherwise would have cost a significant sum of money. Only 63 percent in utilities and 58 percent in manufacturing said the same.

Vulnerability. Some 57 percent said their organizations are more susceptible to cybersecurity threats in 2018 than they were in 2017.

Government. More than one-in-three (36%) cybersecurity decision makers shares threat intelligence data with a government agency.

Savings. Slightly less than 80 percent of cybersecurity decision makers said that their organizations saved a significant amount of money in the last year through threat intelligence programs that blocked cyber attacks.

Budgets. 70 percent of C-suite executives plan to allocate more budget in the next 12 months to their organizations’ threat intelligence programs.

Detectives. Organizations with threat intelligence programs in place are able to obtain information pertaining to the location the cyber attack originated from (74 percent) and the types of cyber weapons used (67 percent) during or after an attack.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.