Some do so anyway, according to new Kaspersky research.
Threat intelligence (TI) analysts are often involved in professional information-sharing communities, such as ISACS. But that does not necessarily mean they are offering up helpful threat intelligence for the common good: According to new research from Kaspersky, while over two-thirds (69%) of TI analysts said they are involved in professional communities, 48% of all those working in IT and cybersecurity roles are not allowed to share threat intelligence artifacts discovered through those communities.
Kaspersky surveyed more than 5,200 IT and cybersecurity practitioners globally for the report "to see if other businesses were ready to collaborate and share TI."
The research found that respondents with TI analysis responsibilities are more likely to participate in specialized forums and blogs (41%), Dark Web forums (33%), or social media groups (21%). But when it comes to sharing their own findings, only 50% of respondents have actually made their discoveries public.
In companies where external sharing is allowed, 79% of security analysts did so. In 7% of cases, security analysts even shared TI findings despite it being prohibited by their organizations.
Kaspersky says sharing restrictions are partly driven by concerns that if some objects are known publicly before a company can respond to an attack, then cybercriminals may realize they have been detected and change their tactics.
Read the full report here.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024