Content, Content

CISOs Searching Dark Web for Intelligence on Cybercriminals: What Have They Found?

Realistic vector radar in searching. Vector.

In a bit of a twist, chief information security officers (CISOs) are looking to the dark web to improve their organization’s security posture, according to a new report by dark web specialist Searchlight Cyber.

The Search for Threat Intelligence

What are the CISOs looking for? Short answer: threat intelligence on cybercriminals. But there’s more to it than that. Nearly all 1,000 CISOs in the U.S. and U.K. involved in the survey (93%) are concerned about dark web threats. Some 72% believe that intelligence on criminals is “critical” to defend their organization, and 79% are currently gathering data from the dark web.

So, what’s the problem? While 71% of CISOs reported a desire to see whether their suppliers are being targeted on the dark web, only 32% of those that are gathering dark web data are using it to monitor for attacks against their supply chain.

Commenting on the findings, Ben Jones, chief executive and co-founder of Searchlight Cyber, said:

“Our survey suggests that the U.S. is slightly ahead of the U.K. in the adoption of dark web intelligence. What is significant is the clear pattern that emerges between gathering more threat intelligence and data from the dark web, and a better security posture. For the U.K. enterprises that haven’t identified the opportunity of dark web intelligence the results make it crystal clear: gathering dark web intelligence will help them gain a better understanding of their adversaries and increase their chances of spotting an attack.”

More Findings from the Study

In an earlier study of 500 managed security service providers, Searchlight found a surge in customer demand for dark web intelligence but a gap between demand and delivery. More than half (56%) are undertaking dark web monitoring, and 67% reported that their clients have requested threat intelligence from the dark web.

Searchlight also found that:

  • 80% of U.S. enterprises are gathering threat intelligence, compared to 72% in the U.K.
  • U.S. enterprises are also more likely to use dark web data sources (84% vs. 75% in the U.K.
  • 85% of the U.S. CISOs said they are confident that they understand the profile of their adversaries, compared to 70% of CISOs in the U.K.
  • The finance industry leads the adoption of dark web intelligence, with 85% of financial organizations already gathering data from the dark web, followed closely by manufacturing (83%), IT and telecoms (80%), and professional services (80%).
  • Only 57% of healthcare organizations are using dark web intelligence in their security strategy. The oil and gas industry is also behind other “high risk” sectors, with 66% of CISOs saying they gather data from the dark web.
  • On the other hand, only 60% of healthcare CISOs and 74% of oil and gas CISOs are confident about understanding the profile of their adversaries, lower than the industry average of 77%.
D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.