Almost all IT professionals believe that threat intelligence services and feeds will help their companies get ready for and repulse malware attacks. Only 6% somewhat disagree with that idea, while 94% agree (44% strongly agree and 50% somewhat agree) that such tools are useful. Zero percent strongly disagree.
That's just one of the takeaways from the June 1 report from Dark Reading, "The State of Malware Threats." Dark Reading surveyed 153 IT and security professionals across industries including healthcare, financial services, information technology, manufacturing, telecommunications, and retail. The report aims to sketch out the malware landscape, see how it's affecting companies, and discover what security teams are doing to fight it.
Threat intelligence services and threat intelligence feeds distribute information such as IP addresses and URLs associated with known threats. Potentially the most prominent is the US FBI's InfraGard, but many private companies offer informational feeds for free alongside their paid offerings. Feeds are useful for incorporating into security information and event management (SIEM) and other tools to keep up to date on the latest threats. Threat intelligence services will incorporate the data for a client so that they can take action, with various levels of defensive activity from the service.
Other questions garnered similar levels of agreement among respondents. For example, 86% either strongly (38%) or somewhat (48%) agree that they would see artificial intelligence-powered attacks in the next year; 13% somewhat disagree, and 1% strongly disagree. Concerns about malicious use of deepfakes is a little more split, with 79% agreeing (26% strongly, 53% somewhat) and 21% disagreeing (17% somewhat, 4% strongly).
Attitudes among respondents' colleagues generated more discordance. Considering the statement that discovering a new vulnerability would change their security teams' plans for the week, 73% agree (24% strongly, 48% somewhat), but 28% (23% somewhat, 5% strongly) disagree. That disagreement could come down to confidence in their organizations' plans for handling a crisis rather than its lack of urgency.
The only statement that garnered more disagreement than agreement was the idea that the organization is less concerned about malware than it was last year. Only 44% agree with that (15% strongly agree, 29% somewhat agree), and 56% disagree (39% somewhat, 17% strongly). Again, the people who agree might just be expressing confidence in the new tools and techniques their organization put into place after a rough 2021. After all, Verizon's "Data Breach Investigations Report 2022" found that 40% of data breaches were due to malware, so nobody can really be resting easy.
For more, download the full report.