Cyber intelligence insights for a secure business: Ponemon Institute
The number one barrier to effective threat intelligence is internal silos among IT departments and lines of business. This finding indicates the importance of a centralised program and tools to make the exchange of threat intelligence easier.
60% of enterprises report that their threat intelligence goes stale within minutes. Lack of timeliness makes threat intelligence irrelevant. Only 9% of organisations say they receive threat intelligence in near real time.
45% of enterprises investigate cyber threats manually. This high percentage of manual cyber threat investigation may contribute to the dissatisfaction with the quality of threat intelligence they’re obtaining. Manual threat investigation leads to slower incident response.
Only 31% of organisations say their threat intelligence is actionable. This means that their CTI does not provide enough context for it to be actionable, making it ineffective for security operations.
Only 35% of organisations say their cyber threat intelligence is accurate. Lack of accuracy of CTI is among the top three complaints of enterprises about their threat intelligence data. Working with inaccurate data makes it difficult for any team to make the right decisions.
Ashraf Sheet, regional director, MEA at Infoblox.