Many organizations recognize the importance of understanding the cyber threat actors targeting them, but few use these insights when they make cybersecurity decisions, according to the "Global Perspectives on Threat Intelligence" report from Mandiant.
Threat Report Examined
Here are key takeaways from the report:
- 79% of respondents said their organizations make most of their cybersecurity decisions without insights into the threat actors targeting them.
- 79% said they believe their organizations could focus more time and energy on identifying critical security trends.
- 67% said they believe their senior leadership teams underestimate the cyber threats posed to their organizations.
- 62% indicated that their organizations' security teams share threat intelligence with their employees.
- 47% said they felt that they could not prove to their senior leadership team that their organization has a highly effective cybersecurity program.
Organizations clearly "understand the need for better intelligence on threat actors," Mandiant noted in its report. However, many organizations continue to make security decisions without a full understanding of who is attacking their organization and why. As such, these organizations have security gaps that cybercriminals can exploit, leading to data breaches.
How Can Organizations Use Threat Intelligence and Get the Most Value Out of It?
Mandiant offered the following recommendations to help organizations generate threat intelligence, capture insights from it and use these insights to make informed security decisions:
- Establish a threat intelligence program based on security data that is timely, trustworthy and accurate.
- Identify threats that currently impact your organization and those in your industry.
- Share relevant threat intelligence with employees and other business stakeholders.
- Assess security vulnerabilities and exposures, give them a risk rating based on criticality and address them in the right order.
- Perform tests to evaluate your organization's security posture.
- Utilize threat intelligence to keep pace with current and emerging threats.
Threat intelligence empowers organizations to "anticipate threats before they become a problem and deal with them more effectively," Mandiant pointed out. If organizations understand the threat intelligence at their disposal, they can use it to guard against cyberattacks and prevent data breaches.